OPC UA provides standard approach for implementing role based security. Serversmay choose to implement none, part or all of mechanisms defined in OPC 10000-5. The OPC UA approach assigns Permissionsto Roles. Clientsare then granted Rolesbased on connection information. Rolesmight be restricted by User Authentication, Application Authentication, Security Modes, or Transports. The assignment of Rolesand restrictions is application specific. The interactions are illustrated in Figure 4.

image007.png

Figure 4- Role overview

For additional description of roles see in in OPC 10000-5