CSEIT1723268 | Received : 08 June 2017 | Accepted : 25 June 2017 | May-June-2017 [(2)3: 876-880] International Journal of Scientific Research in Computer Science, Engineering and Information Technology © 2017 IJSRCSEIT | Volume 2 | Issue 3 | ISSN : 2456-3307 876 Access Control Framework for API Enabled Devices Vandana C. P, Taffazul Imam, Shubham Dubey, Suman Thapa, Pradip Thapa Department of Information Science Engineering, New Horizon College of Engineering, Bangalore, Karnataka, India ABSTRACT The recent advances in information and communication technologies brought about a novel paradigm, Internet of Things (IoT), in which a variety of devices in the physical world are connected to the Internet. The security cannot be disregarded from the employment of API-enabled devices because the impact of the security breach in these devices tends to be larger, as it directly affects the physical environment we live in. If an unauthorized user is able to access API-enabled devices in smart buildings, it may harm an occupant’s life for instance by locking a door, turning off lights or air conditioners, which make occupants, lose their comfortable and so on. In this paper, an access control framework for API-enabled devices in smart buildings is implemented. Keywords : Internet of Things, API, Authentication Manager and Access Control Manager, Access Control Manager, MICROCONTROLLER, IDE, XML, SOAP, RFID, AVR I. INTRODUCTION Devices are nowadays increasingly inter-connected to each other and to Internet. These devices are vulnerable to the attacks and the data theft. To accommodate the dynamic environment in smart building the security manager is deployed as a trusted third party in the system that acts as a perfect bodyguard against unauthorized users.To support scalability and efficiency the security manager is split into Authentication Manager and Access Control Manager. II. WORKING After a device received a request from users, the device is forced to ask Access Control Manager to evaluate the received request. The access control manager evaluates the request based on the access control policies, which are composed by the Administrator in advance. In order to investigate the feasibility of the proposed framework, we implemented the security framework in our smart building systems, which the device API has been implemented. Our analysis results indicate that our framework is adequate to enforce security for API- enabled devices in smart buildings. Experimental results showed that our framework is feasible to be practically used in smart buildings. III. EXISTING SYSTEM The existing system were not that advanced enough to provide extra security features we evaluated some limitations in existing system:- LIMITATIONS • Authentication process is not addressed. • Access control process not properly addressed. • Insufficient measures to provide security measures to api devices. • Security, scalability, and performance of the proposed mechanism is not evaluated. • Physical world like the heterogeneity of devices, dynamic environment not addressed IV. PROPOSED SYSTEM The previous works mainly focused on integrating context information to Access control model and managing access control on heterogeneous protocol