Abstract-The emergence of the Internet of Things (IoT) paradigm, provides a huge scope for more streamlined living through an increase of smart services but this coincides with an increase in security and privacy concerns, therefore access control has been an important factor in the development of IoT.This work proposes an authorization access model called SmartOrBAC built around a set of security and performance requirements. This model enhances the existing OrBAC (Organization-based Access Control) model and adapts it to IoT environments. SmartOrBAC separates the problem into different functional layers and then distributes processing costs between constrained devices and less constrained ones and at the same time addresses the collaborative aspect with a specific solution. This paper also presents the application of SmartOrBAC on a real example of IoT and gives a complexity study demonstrating that even though this model is extensive, it does not add additional complexity regarding traditional access control models.