The present document provides technical solutions for oneM2M authorization architecture@ authorization procedures and access control policies. The present document also gives evaluations of these proposed technical solutions. ETSI TS 118 103 [i.2] only defines a high level authorization architecture that describes its major components and general authorization procedure. The objective of the present document is to provide candidate security solutions related to authorization architecture@ authorization procedures and access control policies. The present document provides security solutions in the following three aspects: ? Detailed design of authorization architecture: This part investigates the interfaces among authorization components (e.g. procedures and parameters)@ how these components could be distributed in different oneM2M entities (i.e. different CSEs)@ and how to implement Role Based Access Control (RBAC) and token based access control. ? Supporting user specified access control policies: This part investigates how the oneM2M authorization system could be an extensible system that can support user-defined access control mechanisms and/or access control policy languages. ? Investigating existing access control policy languages: This part investigates if some standardized access control policy languages could become oneM2M recommended access control policy description languages.