For the purposes of this document the following terms and definitions as well as the terms and definitions given in OPC 10000-1, OPC 10000-2, OPC 10000-3, OPC 10000-4, OPC 10000-6 and OPC 10000-9 apply.
a software application that manages the Certificates used by Applications in an administrative domain.
a context used to manage the TrustList and Certificate(s) associated with Applications or Users.
a PKCS #10 encoded structure used to request a new Certificate from a Certificate Authority.
Note 1 to entry: Devices have hardware based mechanisms, such as a TPM, to protect Private Keys.
a physical address available on a network that allows Servers to initiate a reverse connection.
a software application, or a set of applications, that stores and organizes information about resources such as computers or services.
an Application that maintains a list of OPC UA Applications that are available on the network and provides mechanisms for other OPC UA Applications to obtain this list.
a URL for a network Endpoint that provides the information required to connect to a Client or Server.
a Server that provides numerous services related to discovery and security management.
Note 1 to entry: a GDS may also be a CertificateManager.
Note 2 to entry: a GDS may also be a KeyCredentialService.
Note 3 to entry: a GDS may also be an AuthorizationService.
a Server that provides centrally managed capabilities needed for a system.
Note 4 to entry: a GlobalDiscoveryServer, a CertificateManager, a KeyCredentialService and an AuthorizationService are all examples of GlobalServices.
a unique number assigned to a network interface that allows Internet Protocol (IP) requests to be routed to that interface.
Note 1 to entry: An IPAddress for a host may change over time.
a unique identifier and a secret used to access an AuthorizationService or a Broker.
Note 1 to entry: a user name and password is an example of a KeyCredential.
a software application that provides KeyCredentials needed to access an AuthorizationService or a Broker.
a DiscoveryServer that maintains a list of all Servers that have registered with it.
Note 1 to entry: Servers normally register with the LDS on the same host.
a LocalDiscoveryServer that includes the MulticastExtension.
an extension to a LocalDiscoveryServer that adds support for the mDNS protocol.
a network that allows multicast packets to be sent to all nodes connected to the network.
Note 1 to entry: a MulticastSubnet is not necessarily the same as a TCP/IP subnet.
a named set of rights which cannot be expressed as Permissions granted on Nodes.
Note 1 to entry: For example, a Privilege can be defined when the right to call a Method depends on the parameters passed to the Method.
Note 5 to entry: a Privilege is a document convention that does not appear in the Server AddressSpace.
a workflow where a Client manages its configuration by using a GlobalService.
a workflow where a GlobalService manages a Server’s configuration.
a short identifier which uniquely identifies a set of discoverable capabilities supported by an OPC UA Application.
Note 1 to entry: the list of the currently defined CapabilityIdentifiers is in Annex D.
API Application Programming Interface
CA Certificate Authority
CRL Certificate Revocation List
CSR Certificate Signing Request
DER Distinguished Encoding Rules
DHCP Dynamic Host Configuration Protocol
DNS Domain Name System
EST Enrolment over Secure Transport
GDS Global Discovery Server
IANA The Internet Assigned Numbers Authority
LDAP Lightweight Directory Access Protocol
LDS Local Discovery Server
LDS-ME Local Discovery Server with the Multicast Extension
mDNS Multicast Domain Name System
NAT Network Address Translation
PEM Privacy Enhanced Mail
PFX Personal Information Exchange
PKCS Public Key Cryptography Standards
SHA1 Secure Hash Algorithm
SSL Secure Socket Layer
TLS Transport Layer Security
TPM Trusted Platform Module
UA Unified Architecture
UDDI Universal Description, Discovery and Integration