This work introduces a novel access control solution for infrastructures composed of highly constrained devices which provide users with services. Low energy consumption is a key point in this kind of scenarios given that devices usually run on batteries and are unattended for long periods of time. Our proposal achieves privacy, authentication, semantic security, low energy and computational demand and device compromise impact limitation on a simple manner. The access control provided is based on user identity and time intervals. We discuss these properties and compare our proposal to previous related work.