The Front-End Access Control (FEAC) system – patent pending – is a new concept of the capability-based access control solutions. It delegates authentication and authorization to the front-end, to the user side. To realize the highest possible level of protection access tokens are generated real-time in a secure element (chip card) of the user. FEAC is particularly suitable for the protection of IoT architectures as it supports scalability, the heterogeneity of the devices and networking protocols, the least privilege principle, delegation of privileges with audit trails, as well as real time issuance and revocation of access credentials. The solution supports the construction of constrained, simple, but still highly protected IoT systems and devices, as security functions are removed from the weak protected systems, nods to the more powerful user devices.
FEAC can be implemented as a system component for new deployments or can be installed as a gateway device to increase the security level of weak legacy architectures.