OPC UA provides standard approach for implementing role based security. Serversmay choose to implement none, part or all of mechanisms defined in OPC 10000-5 and in OPC 10000-18. The OPC UA approach assigns Permissionsto Rolesillustrated in Figure 4. Clientsare then granted Rolesbased on connection information (Sessioncreation). Rolesmight be restricted by User Authentication, Application Authentication, SecurityModes, or Transports. The assignment of Rolesand restrictions is application specific, but they might be assigned to all Nodesin a Namespaceor to specific Nodes.

image007.png

Figure 4– Role overview

For additional description of Rolessee in OPC 10000-18.