In the concept of "Web of Things", physical devices are seamlessly integrated into the Web. Devices can be shared to others and be utilized to create new applications. This, however, implies that devices are available to the world and problems like privacy violations and device security will become more serious without proper access control.In this paper, we propose a method that enables people to share their devices to others with flexible access control. We illustrate how to rely on existing social networks to enable owners to leverage user profiles and social links in place for creating access control rules. We integrate SNS into Role-Based Access Control Model to achieve our proposition.This paper first analyzes the requirements of Web of Things environment. Based on these requirements, we desgined an SNS and device attribute based RBAC model. We described our design idea, model composition and workflows of this model. This paper also studies on the rule management mechanism of the model. Then we applied the model to the Web of Things environment with fine-grained and flexible rules.Finally, this paper describes the implementation and the test of the web of things access control scheme. |