The Internet of Things (IoT) represents the current technology revolution that is intended to transform the current environment into a more pervasive and ubiquitous world. In this emerging ecosystem, the application of standard security technologies has to cope with the inherent nature of constrained physical devices, which are seamlessly integrated into the Internet infrastructure. This work proposes a set of lightweight authentication and authorization mechanisms in order to support smart objects during their life cycle. Furthermore, such mechanisms are framed within a proposed security framework, which is compliant with the Architectural Reference Model (ARM), recently presented by the EU FP7 IoT-A project. The resulting architecture is intended to provide a holistic security approach to be leveraged in the design of novel and lightweight security protocols for IoT constrained environments.