For the purposes of this document the following terms and definitions as well as the terms and definitions given in OPC 10000-1, OPC 10000-2, OPC 10000-3, OPC 10000-4, OPC 10000-6 and OPC 10000-9 apply.
a software application that manages the Certificates used by Applications in an administrative domain.
a context used to manage the TrustList and Certificate(s) associated with Applications or Users.
a PKCS #10 encoded structure used to request a new Certificate from a Certificate Authority.
Note 1 to entry: Devices have hardware-based mechanisms, such as a TPM, to protect Private Keys.
a physical address available on a network that allows Servers to initiate a reverse connection.
a software application, or a set of applications, that stores and organizes information about resources such as computers or services.
an Application that maintains a list of OPC UA Applications that are available on the network and provides mechanisms for other OPC UA Applications to obtain this list.
a URL for a network Endpoint that provides the information required to connect to a Client or Server.
a Server that provides numerous services related to discovery and security management.
Note 1 to entry: a GDS may also be a CertificateManager.
Note 2 to entry: a GDS may also be a KeyCredentialService.
Note 3 to entry: a GDS may also be a AuthorizationService.
a Server that provides centrally managed capabilities needed for a system.
Note 4 to entry: a GlobalDiscoveryServer, a CertificateManager, a KeyCredentialService and an AuthorizationService are all examples of GlobalServices.
a unique number assigned to a network interface that allows Internet Protocol (IP) requests to be routed to that interface.
Note 1 to entry: An IPAddress for a host may change over time.
a unique identifier and a secret used to access an AuthorizationService or a Broker.
Note 1 to entry: a user name and password is an example of a KeyCredential.
a software application that provides KeyCredentials needed to access an AuthorizationService or a Broker.
a DiscoveryServer that maintains a list of all Servers that have registered with it.
Note 1 to entry: Servers normally register with the LDS on the same host.
a LocalDiscoveryServer that includes the MulticastExtension.
an extension to a LocalDiscoveryServer that adds support for the mDNS protocol.
a network that allows multicast packets to be sent to all nodes connected to the network.
Note 1 to entry: a MulticastSubnet is not necessarily the same as a TCP/IP subnet.
a named set of rights which cannot be expressed as Permissions granted on Nodes.
Note 1 to entry: For example, a Privilege can be defined when the right to call a Method depends on the parameters passed to the Method.
Note 5 to entry: a Privilege is a document convention that does not appear in the Server AddressSpace.
a workflow where a Client manages its configuration by using a GlobalService.
a workflow where a GlobalService manages a Server’s configuration.
a short identifier which uniquely identifies a set of discoverable capabilities supported by an OPC UA Application.
Note 1 to entry: the list of the currently defined CapabilityIdentifiers is in Annex D.