Errata exists for this version of the document.
The SecurityGroupType is formally defined in Table 101.
The Permission of the SecurityGroupType Objects controls the access to the security keys for the SecurityGroup through the Method GetSecurityKeys. The GetSecurityKeys Method is defined in 8.4.
Table 101 – SecurityGroupType Definition
|
Attribute |
Value |
||||
|
BrowseName |
SecurityGroupType |
||||
|
IsAbstract |
False |
||||
|
References |
Node Class |
BrowseName |
DataType |
TypeDefinition |
Modelling Rule |
|
Subtype of BaseObjectType defined in OPC 10000-5. |
|||||
|
HasProperty |
Variable |
SecurityGroupId |
String |
PropertyType |
Mandatory |
|
HasProperty |
Variable |
KeyLifetime |
Duration |
PropertyType |
Mandatory |
|
HasProperty |
Variable |
SecurityPolicyUri |
String |
PropertyType |
Mandatory |
|
HasProperty |
Variable |
MaxFutureKeyCount |
UInt32 |
PropertyType |
Mandatory |
|
HasProperty |
Variable |
MaxPastKeyCount |
UInt32 |
PropertyType |
Mandatory |
The Property SecurityGroupId contains the identifier for the SecurityGroup used in the key exchange Methods GetSecurityKeys and SetSecurityKeys in the PubSubGroupType.
The Property KeyLifetime defines the lifetime of a key in milliseconds.
The Property SecurityPolicyUri is the identifier for a SecurityPolicy. SecurityPolicies define the set of algorithms and key lengths used to secure the messages exchanged in the context of the SecurityGroup. The SecurityPolicies are defined in OPC 10000-7.
The Property MaxFutureKeyCount defines the maximum number of future keys returned by the Method GetSecurityKeys.
The Property MaxPastKeyCount defines the maximum number of historical keys stored by the SKS. The historical keys are necessary to allow Subscribers to request keys for older NetworkMessages.