Securing IoT applications will require a large effort. IoT will massively collect and process data, much of which will be related to individuals. As is the case today, we will have to deal with software vulnerabilities in the constrained devices and in the "cloud" IT infrastructure, and with social-engineering-based intrusions. In addition, it will be easy to physically attack devices and extract information, data, credentials, secrets, or policies embedded in them, and to manipulate messages on poorly secured wireless channels. It will be difficult to detect attacks and to react to them efficiently. Taming IoT will require that we accept the existence of attacks as the normal case, but that we do not allow attackers to obtain too much power, to escalate their intrusions to other parts of the system, or to use their privileges to craft attacks that combine functionalities in ways not foreseen. In this talk we will discuss some of the building blocks that it will be necessary to develop: delegation to non-constrained devices, local reasoners, and token-based work-flow enforcement.