The control and protection of user data is a very important aspect in the design of Internet of Things (IoT) and smart-devices applications and services. The heterogeneity of the IoT technologies, the number of the participating devices and systems, the different types of users and roles create important challenges for the design and deployment of IoT. In particular, requirements of scalability, interoperability and privacy are difficult to address even with a considerable amount of existing work both in the research and standardization community. In this paper we propose a Security Toolkit, integrated in a management framework for IoT’ devices, that supports efficient data usage control and enables the protection of user data. Our framework is applied to a Smart City scenario in order to evaluate its feasibility and performance. ; JRC.G.6-Digital Citizen Security