The AddressSpace used for PushManagement is shown in Figure 26. Clients interact with the Nodes defined in this model when they need update the KeyCredentials used by a Server to access resources such as Brokers or Authorization Servers. The KeyCredentialConfiguration Folder is a well-known Object that appears in the AddressSpace of any Server which supports KeyCredential management.
Figure 26 – The Address Space used for Push KeyCredential Management
This ObjectType is the TypeDefinition for an Folder Object that contains the KeyCredentialConfiguration Objects which may be accessed via the Server.
Table 93 – KeyCredentialConfigurationFolderType Definition
|
Attribute |
Value |
|||
|
BrowseName |
0:KeyCredentialConfigurationFolderType |
|||
|
IsAbstract |
False |
|||
|
References |
NodeClass |
BrowseName |
TypeDefinition |
Modelling Rule |
|
Subtype of the 0:FolderType defined in OPC 10000-5. |
||||
|
0:HasComponent |
Object |
0:<ServiceName> |
0:KeyCredentialConfigurationType |
Optional Placeholder |
|
0:HasComponent |
Method |
0:CreateCredential |
Defined in 8.6.3. |
Optional |
|
|
||||
|
Conformance Units |
||||
|
GDS Key Credential Service Push Model |
||||
CreateCredential is used to add a new KeyCredentialConfiguration Object.
This Method shall be called from an encrypted SecureChannel and from a Client that has access to the SecurityAdmin Role (see 8.2).
Signature
CreateCredential (
[in] String name
[in] String resourceUri
[in] String profileUri
[in] String[] endpointUrls
[out] NodeId credentialNodeId
);
|
Argument |
Description |
|
name |
This the BrowseName of the new Object. |
|
resourceUri |
The resourceUri uniquely identifies the resource that accepts the KeyCredentials. A valid URI shall be provided. |
|
profileUri |
The specified URI assigned in OPC 10000-7 to the protocol used to communicate with the resource identified by the resourceUri. A valid URI shall be provided. |
|
endpointUrls |
The specifies URLs used by the Server to communicate with the resource identified by the resourceUri. Valid URLs shall be provided. |
|
credentialNodeId |
A unique identifier for the new KeyCredentialConfiguration Object Node. |
Method Result Codes (defined in Call Service)
|
Result Code |
Description |
|
Bad_InvalidArgument |
The resourceUri, profileUri, or one or more endpointUrls are not valid. |
|
Bad_UserAccessDenied |
The current user does not have the rights required. |
|
Bad_SecurityModeInsufficient |
The SecureChannel is not encrypted. |
Table 94 specifies the AddressSpace representation for the CreateCredential Method.
Table 94 – CreateCredential Method AddressSpace Definition
|
Attribute |
Value |
||||
|
BrowseName |
0:CreateCredential |
||||
|
References |
NodeClass |
BrowseName |
DataType |
TypeDefinition |
ModellingRule |
|
0:HasProperty |
Variable |
0:InputArguments |
Argument[] |
0:PropertyType |
Mandatory |
|
0:HasProperty |
Variable |
0:OutputArguments |
Argument[] |
0:PropertyType |
Mandatory |
This Object is an instance of FolderType. It contains The Objects which may be accessed via the Server. It is the target of an HasComponent reference from the ServerConfiguration Object defined in 7.10.3. It is defined in Table 95.
Table 95 – KeyCredentialConfiguration Object Definition
|
Attribute |
Value |
||||
|
BrowseName |
0:KeyCredentialConfiguration |
||||
|
TypeDefinition |
0:KeyCredentialConfigurationFolderType defined in 8.6.2. |
||||
|
References |
NodeClass |
BrowseName |
TypeDefinition |
|
Modelling Rule |
|
|
|||||
|
Conformance Units |
|||||
|
GDS Key Credential Service Push Model |
|||||
This ObjectType is the TypeDefinition for an Object that allows the configuration of KeyCredentials used by the Server. It also includes basic status information which report problems accessing the resource that might be related to bad KeyCredentials. It is defined in Table 96.
Table 96 – KeyCredentialConfigurationType Definition
|
Attribute |
Value |
||||
|
BrowseName |
0:KeyCredentialConfigurationType |
||||
|
IsAbstract |
False |
||||
|
References |
NodeClass |
BrowseName |
DataType |
TypeDefinition |
Modelling Rule |
|
Subtype of the BaseObjectType defined in OPC 10000-5. |
|||||
|
0:HasProperty |
Variable |
0:ResourceUri |
0:String |
0:PropertyType |
Mandatory |
|
0:HasProperty |
Variable |
0:ProfileUri |
0:String |
0:PropertyType |
Mandatory |
|
0:HasProperty |
Variable |
0:EndpointUrls |
0:String[] |
0:PropertyType |
Optional |
|
0:HasProperty |
Variable |
0:CredentialId |
0:String |
0:PropertyType |
Optional |
|
0:HasProperty |
Variable |
0:ServiceStatus |
0:StatusCode |
0:PropertyType |
Optional |
|
0:HasComponent |
Method |
0:GetEncryptingKey |
|
Defined in 8.6.6. |
Optional |
|
0:HasComponent |
Method |
0:UpdateCredential |
|
Defined in 8.6.7. |
Optional |
|
0:HasComponent |
Method |
0:DeleteCredential |
|
Defined in 8.6.8. |
Optional |
|
|
|||||
|
Conformance Units |
|||||
|
GDS Key Credential Service Push Model |
|||||
The ResourceUri Property uniquely identifies the resource that accepts the KeyCredentials.
The ProfileUri Property specifies the protocol used to access the resource.
The EndpointUrls Property specifies the URLs that the Server uses to access the resource.
The CredentialId Property is the identifier, such as a user name, which often needs to be presented when using the credentialSecret.
The ServiceStatus Property indicates the result of the last attempt to communicate with the resource. The following common error values are defined:
|
ServiceStatus |
Description |
|
Bad_OutOfService |
Communication was not attempted by the Server because Enabled is FALSE. |
|
Bad_IdentityTokenRejected |
Communication failed because the KeyCredentials are not valid. |
|
Bad_NoCommunication |
Communication failed because the endpoint is not reachable. Where possible a more specific error code should be used. See OPC 10000-4 for a complete list of standard StatusCodes. |
The GetEncryptingKey Method is used request a Public Key that can be used to encrypt the KeyCredentials.
The UpdateKeyCredential Method is used to change the KeyCredentials used by the Server.
The DeleteKeyCredential Method is used to delete the KeyCredentials stored by the Server.
GetEncryptingKey is used to request a key that can be used to encrypt a KeyCredential.
This Method shall be called from an encrypted SecureChannel and from a Client that has access to the SecurityAdmin Role (see 8.2).
Signature
GetEncryptingKey(
[in] String credentialId
[in] String requestedSecurityPolicyUri
[out] ByteString publicKey
[out] String revisedSecurityPolicyUri
);
|
Argument |
Description |
|
credentialId |
The unique identifier associated with the KeyCredential. |
|
requestedSecurityPolicyUri |
The SecurityPolicy used to encrypt the secret. If not specified the Server chooses a suitable default. |
|
publicKey |
The Public Key used to encrypt the secret. The format depends on the SecurityPolicyUri. |
|
revisedSecurityPolicyUri |
The SecurityPolicy used to encrypt the secret. It also specifies the contents of the publicKey. This may be different from the requestedSecurityPolicyUri. |
Method Result Codes (defined in Call Service)
|
Result Code |
Description |
|
Bad_InvalidArgument |
The credentialId is not valid. |
|
Bad_UserAccessDenied |
The current user does not have the rights required. |
|
Bad_SecurityModeInsufficient |
The SecureChannel is not encrypted. |
Table 97 specifies the AddressSpace representation for the GetEncryptingKey Method.
Table 97 – GetEncryptingKey Method AddressSpace Definition
|
Attribute |
Value |
||||
|
BrowseName |
0:GetEncryptingKey |
||||
|
References |
NodeClass |
BrowseName |
DataType |
TypeDefinition |
ModellingRule |
|
0:HasProperty |
Variable |
0:InputArguments |
0:Argument[] |
0:PropertyType |
Mandatory |
|
0:HasProperty |
Variable |
0:OutputArguments |
0:Argument[] |
0:PropertyType |
Mandatory |
UpdateCredential is used to update a KeyCredential used by a Server.
The KeyCredential secret may be encrypted using the key returned by GetEncryptingKey. The SecurityPolicyUri species the algorithm used for encryption. The format of the encrypted data is described in 8.5.6.
This Method shall be called from an encrypted SecureChannel and from a Client that has access to the SecurityAdmin Role (see 8.2).
Signature
UpdateCredential(
[in] String credentialId
[in] ByteString credentialSecret
[in] String certificateThumbprint
[in] String securityPolicyUri
);
|
Argument |
Description |
|
credentialId |
The credentialId is the identifier, such as a user name, which often needs to be presented when using the credentialSecret. |
|
credentialSecret |
The secret associated with the KeyCredential. |
|
certificateThumbprint |
The thumbprint of the Certificate used to encrypt the secret. For RSA SecurityPolicies this shall be one of the Application Instance Certificates assigned to the Server. For ECC SecurityPolicies this field is not specified.Not specified if the secret is not encrypted. |
|
securityPolicyUri |
The SecurityPolicy used to encrypt the secret. If not specified the secret is not encrypted. |
Method Result Codes (defined in Call Service)
|
Result Code |
Description |
|
Bad_InvalidArgument |
The credentialId or credentialSecret is not valid. |
|
Bad_CertificateInvalid |
The Certificate is invalid or it is not one of the Server’s Certificates. |
|
Bad_SecurityPolicyRejected |
The SecurityPolicy is unrecognized or not allowed. |
|
Bad_UserAccessDenied |
The current user does not have the rights required. |
|
Bad_SecurityModeInsufficient |
The SecureChannel is not encrypted. |
Table 99 specifies the AddressSpace representation for the UpdateKeyCredential Method.
Table 98 – UpdateCredential Method AddressSpace Definition
|
Attribute |
Value |
||||
|
BrowseName |
0:UpdateCredential |
||||
|
References |
NodeClass |
BrowseName |
DataType |
TypeDefinition |
ModellingRule |
|
0:HasProperty |
Variable |
0:InputArguments |
0:Argument[] |
0:PropertyType |
Mandatory |
DeleteCredential is used to delete a KeyCredential used by a Server.
This Method shall be called from an encrypted SecureChannel and from a Client that has access to the SecurityAdmin Role (see 8.2).
Signature
DeleteCredential();
Method Result Codes (defined in Call Service)
|
Result Code |
Description |
|
Bad_UserAccessDenied |
The current user does not have the rights required. |
|
Bad_SecurityModeInsufficient |
The SecureChannel is not encrypted. |
Table 98 specifies the AddressSpace representation for the DeleteKeyCredential Method.
Table 99 – DeleteCredential Method AddressSpace Definition
|
Attribute |
Value |
||||
|
BrowseName |
0:DeleteCredential |
||||
|
References |
NodeClass |
BrowseName |
DataType |
TypeDefinition |
ModellingRule |
This event is raised when a KeyCredential is updated.
This Event and its subtypes report sensitive security related information. Servers shall only report these Events to Clients which are authorized to view such information.
This is the result of a UpdateCredential Method completing.
Its representation in the AddressSpace is formally defined in Table 100.
Table 100 – KeyCredentialUpdatedAuditEventType Definition
|
Attribute |
Value |
||||
|
BrowseName |
0:KeyCredentialUpdatedAuditEventType |
||||
|
IsAbstract |
False |
||||
|
References |
NodeClass |
BrowseName |
DataType |
TypeDefinition |
Modelling Rule |
|
Subtype of the 0:KeyCredentialAuditEventType defined in 8.5.8. |
|||||
|
|
|||||
|
Conformance Units |
|||||
|
Push Model for KeyCredential Service |
|||||
This EventType inherits all Properties of the KeyCredentialAuditEventType.
This event is raised when a KeyCredential is updated.
This is the result of a DeleteCredential Method completing.
Its representation in the AddressSpace is formally defined in Table 101.
Table 101 – KeyCredentialDeletedAuditEventType Definition
|
Attribute |
Value |
||||
|
BrowseName |
0:KeyCredentialDeletedAuditEventType |
||||
|
IsAbstract |
False |
||||
|
References |
NodeClass |
BrowseName |
DataType |
TypeDefinition |
Modelling Rule |
|
Subtype of the 0:KeyCredentialAuditEventType defined in 8.5.8. |
|||||
|
|
|||||
|
Conformance Units |
|||||
|
GDS Key Credential Service Push Model |
|||||
This EventType inherits all Properties of the KeyCredentialAuditEventType.