Role based access control for connected consumer devices

摘要

A processing device authenticates a computing device of a user to a user account. The processing device determines a role associated with the user account, and additionally determines access permissions to one or more resources based on the role. The processing device then grants to the computing device access to the one or more resources to be protected in an internet of things (IoT) solution.

主权项

1. A method comprising:
authenticating, by a processing device, a first user to a first user account based on first received credentials; determining, by the processing device, a first role associated with the first user account, wherein the first role is an original equipment manufacturer (OEM) role; determining first access permissions to one or more resources based on the first role, the one or more resources comprising a network-connected device comprising an embedded system configured to perform one or more functions for the network-connected device, the embedded system comprising a communication module that enables that embedded system to connect to a network, wherein the first access permissions comprise permissions to view data from the network-connected device; granting to the first user access to view the data from the network-connected device based on the first access permissions; authenticating a second user to a second user account based on second received credentials; determining a second role associated with the second user account, wherein the second role is an end-user role; determining second access permissions to the one or more resources based on the second role, wherein the second access permissions comprise permissions to control the network-connected device; and granting to the second user access to control the network-connected device based on the second access permissions.