Search
17 result(s) for Permissions
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model3.1.1 AccessRestrictionOperations can only be performed on a Node if the Client has the necessary Permissions and has satisfied all of the AccessRestrictions
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model4.12 Rolesapproach assigns Permissions to Roles illustrated in Figure 6 . Clients are then granted Roles based on connection information ( Session creation). Roles could be restricted by User Authentication , Application Authentication , SecurityModes ... Engineer, Operator , Observer and AuthenticatedUser. They are defined in OPC 10000-3 with recommended permissions. The standard Roles are also utilized in various other specification as recommended security setting
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model4.9.1 Overviewcentralized services to manage user identities and credentials while the Server only manages the Permissions on its Nodes assigned to Roles . The set of Roles supported by a Server ... system specific Roles . Adding, deleting, and modifying Roles is restricted to callers with appropriate permissions. When a Session is created, or a Session-less Service is called, the Server must
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space ModelEvaluating Permissions with Roles When a Client attempts to access a Node, the Server goes through the list of Roles granted to the Session and logically ORs the Permissions ... Role on the Node. If there are no Node specific Permissions then the default Permissions for the Role in the DefaultRolePermissions Property of the NamespaceMetadata for the namespace the Node
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model5.2.9 RolePermissionsRolePermissions The optional RolePermissions Attribute specifies the Permissions that apply to a Node for all Roles which have access to the Node . The value of the Attribute is an array ... Structures (see Table 8 ). Table 8 - RolePermissionType Name Type Description RolePermissionType Structure Specifies the Permissions for a Role roleId NodeId The NodeId of the Role Object . permissions PermissionType A mask
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model5.2.10 UserRolePermissionsUserRolePermissions The optional UserRolePermissions Attribute specifies the Permissions that apply to a Node for all Roles granted to current Session . The value of the Attribute is an array of RolePermissionType ... Structures (see Table 8 ). Clients may determine their effective Permissions by performing a logical OR of Permissions for each Role in the array. The value of this Attribute is derived
-
OPC-10000-4 – OPC Unified Architecture - Part 4: Services6.2.1 Overviewexternal Authorization Service the Server is still responsible for managing and enforcing the Permissions assigned to Nodes in its Address Space . The clauses below discuss the use of an external
-
OPC-10000-6 – OPC Unified Architecture - Part 6: MappingsF.5 RolePermissionRolePermission The RolePermission type specifies the Permissions granted to Role for a Node . The fields in the RolePermission type are defined in Table F.4 . Table F.4 - RolePermission Element Type Description ... NodeId NodeId The NodeId of the Role which has the Permissions . Permissions UInt32 A bitmask specifying the Permissions granted to the Role. The bitmask values the Permissions bits defined
-
OPC-10000-14 – OPC Unified Architecture - Part 14: PubSub5.3.7 SecurityGroupService (SKS) manages SecurityGroups and maintains a mapping between Roles and their access Permissions for a SecurityGroup . This mapping defines if a Publisher or Subscriber has access to the security
-
OPC-10000-14 – OPC Unified Architecture - Part 14: PubSub5.4.5.2 SecurityGroup ManagementAuthorization model defines the mapping of identities to Roles and the mechanism to set Permissions for Roles on a Node . The Permissions on a SecurityGroup Object is used to determine ... Method AddSecurityGroup . To limit access to the SecurityGroup and therefore to the security keys, Permissions shall be set on the SecurityGroup Object . This requires the management of Roles and Permissions
-
OPC-10000-14 – OPC Unified Architecture - Part 14: PubSubaccess the keys. One way to do this would be to check the Permissions assigned to the SecurityGroup Object identified by the GetSecurityKeys Method arguments. Publishers and Subscribers can request
-
OPC-10000-18 – OPC Unified Architecture - Part 18: Role-Based Security4.1 Generalimplement part or all of the mechanisms defined here. The OPC UA approach assigns Permissions to Roles for each Node in the AddressSpace . Clients are then granted Roles when they ... Client is with a user token and Client application identity) from authorization ( Permissions determining what the Client is allowed to do). By separating these tasks Servers can allow centralized services
-
OPC-10000-18 – OPC Unified Architecture - Part 18: Role-Based Security4.2.2 AddRole Methodmore Roles to be added. Bad_UserAccessDenied The caller does not have the necessary Permissions . Bad_SecurityModeInsufficient The SecureChannel is not encrypted. Bad_AlreadyExists The Role already exists
-
OPC-10000-18 – OPC Unified Architecture - Part 18: Role-Based Security4.2.3 RemoveRole Methodthey are necessary for the Server to function. If a Role is removed all Permissions associated with the Role shall be deleted. Ideally these changes should take effect immediately; however ... Role Object to be removed. Bad_UserAccessDenied The caller does not have the necessary Permissions . Bad_SecurityModeInsufficient The SecureChannel is not encrypted. Bad_RequestNotAllowed The specified Role Object cannot
-
OPC-10000-18 – OPC Unified Architecture - Part 18: Role-Based Security5.2.5 AddUser Methodinvalid combinations of flags set. Bad_UserAccessDenied The caller does not have the necessary Permissions . Bad_SecurityModeInsufficient The communication channel is not using encryption. Bad_ResourceUnavailable The Server does
-
OPC-10000-18 – OPC Unified Architecture - Part 18: Role-Based Security5.2.6 ModifyUser Methodinvalid combinations of flags set. Bad_UserAccessDenied The caller does not have the necessary Permissions . Bad_SecurityModeInsufficient The communication channel is not using encryption. Bad_InvalidSelfReference The user
-
OPC-10000-18 – OPC Unified Architecture - Part 18: Role-Based Security5.2.7 RemoveUser Methodspecified user does not exist. Bad_UserAccessDenied The caller does not have the necessary Permissions . Bad_NotSupported The user cannot be deleted due to NoDelete user configuration mask setting