In the Internet of Everything, many different devices will be accessed by many different entities. These devices may include, but are not limited to including, information technology devices (computers, smartphones, printers, storage, networking gear), sensors (environmental, security, industrial, energy, medical, etc.), and actuators (doors, climate control, displays, media devices, vehicles, etc.). The entities seeking access to these devices may be the devices' owner, family, friends, call center agents, service technicians, cloud applications, and various artificial intelligence (“AI”) entities, as well as unwelcome individuals (e.g., “hackers”). The access provided to these devices may depend on the entity that seeks access, the resources on the devices to which access is requested, the mode of access and environmental parameters specific to or not specific to the functionality of the device (e.g., time of the day, location of the device etc.).
Today, granting entities appropriate level of access to the devices for an appropriate interval of time is challenging, cumbersome, and error prone. Providing such access requires session and signaling and trust establishment between three parties, e.g., the entity that seeks access, the individual that has the power to administer the device and the device itself. Establishing these trust relationships may be difficult as the number of devices/sensors in a home or other customer premise may be quite large. Furthermore, creating separate 3-party trust relationships with each of the devices may be cumbersome, and the devices may be operating under constrained operating conditions with limits on power usage, processing capability, and cryptographic capabilities. Furthermore, in some situations, the administrator of a device may want to monitor the access to the device and revoke access rights at any time.