Abstract
The integration of resource constrained devices as front nodes in IoT networks is one of the major factors preventing the adoption proven security best practices and techniques. For example, certificate based authentication is still a forlorn quest for ZigBee designers and developers. Although, the capabilities of these devices may improve over time, there is no indication this will happen soon. This paper proposes a hierarchical device virtualization solution for the problem. The proposed solution extends previous virtualization efforts made in different contexts. The essence of the solution is that resource constrained devices are hidden behind software Virtual Resources (VR's) that represent them on the network. Each VR represents a cluster or group of devices belonging to the same class and actively responds to all requests directed to these devices, while working in the background to collect data or pass control actions to the actual physical devices. Since VR's do not suffer resource limitations, they should be able to participate conveniently in certificate based authentication handshakes and similar complex security operations.