Search

35 result(s) for PushManagement

• OPC-10000-12 – OPC Unified Architecture - Part 12: Discovery and Global Services
  3.1.20 PushManagement
  PushManagement a workflow where a GlobalService manages a Server's configuration
• OPC-10000-12 – OPC Unified Architecture - Part 12: Discovery and Global Services
  6.4 Application Registration Workflow
  PullManagement workflow. Continue with PullManagement inside a headless application. Continue with PushManagement . Set application Certificate on GDS For option (2) the current application Certificate must be configured for the application ... configuration in the GDS is currently not in the scope of this specification. Configure PushManagement For option (3) the application must be configured for PushManagement in the CertificateManager . The configuration
• OPC-10000-12 – OPC Unified Architecture - Part 12: Discovery and Global Services
  7.1 Overview
  There are two primary models for Certificate management: PullManagement and PushManagement . In PullManagement , the application acts as a Client and uses the Methods on the CertificateManager to request and update ... responsible for ensuring the Certificates and TrustLists are kept up to date. In PushManagement the application acts as a Server and exposes Methods which the CertificateManager can call to update
• OPC-10000-12 – OPC Unified Architecture - Part 12: Discovery and Global Services
  7.2 Roles and Privileges
  Well-known Roles for Server managed by a CertificateManager Name Description SecurityAdmin For PushManagement , this Role grants the right to change the security configuration of a Server managed
• OPC-10000-12 – OPC Unified Architecture - Part 12: Discovery and Global Services
  7.4 Push Management
  Push Management PushManagement is targeted at applications that can be configured with a CertificateManager or agent acting as a Client . The Methods defined in 7.10 are used to create ... pushed to the Server with the UpdateCertificate Method . There are two use cases for PushManagement: Management of a Server via the ServerConfiguration Object (see 7.10.4 ); Management of a Server, Client
• OPC-10000-12 – OPC Unified Architecture - Part 12: Discovery and Global Services
  7.5 Application Setup
  setup using the PullManagement . Applications using a Server interface can be setup using the PushManagement . PushManagement and PullManagement are also integrated into OPC 10000-21 which specifies how new Devices ... provides the proper SecurityAdmin credentials to create the secure connection needed for setup using PushManagement . Once the Server has been given its initial TrustList the Server should then restrict access
• OPC-10000-12 – OPC Unified Architecture - Part 12: Discovery and Global Services
  7.7.3 Update TrustList Workflow
  shown in Figure 18 . The boxes with blue text indicate Method calls. Figure 18 - PushManagement Update TrustList Workflow The steps of the PushManagement Update TrustList workflow are described in Table ... Table 23 - PushManagement Update TrustList Workflow Steps Step Description Initial Conditions The update is triggered when the CertificateManager needs to update a TrustList as part of a larger workflow
• OPC-10000-12 – OPC Unified Architecture - Part 12: Discovery and Global Services
  7.8.2.1 TrustListType
  Property is not present. When a CertificateManager is updating a TrustList as part of PushManagement , it sets this UpdateFrequency based on when the Server should raise Alarms if the CRLs
• OPC-10000-12 – OPC Unified Architecture - Part 12: Discovery and Global Services
  7.8.2.3 OpenWithMasks
  CertificateAuthorityAdmin Role, the ApplicationSelfAdmin Privilege, or the ApplicationAdmin Privilege (see 7.2 ). For PushManagement , this Method shall be called from an authenticated SecureChannel and from a Client that has access
• OPC-10000-12 – OPC Unified Architecture - Part 12: Discovery and Global Services
  7.8.2.5 CloseAndUpdate
  CertificateAuthorityAdmin Role, the ApplicationSelfAdmin Privilege, or the ApplicationAdmin Privilege (see 7.2 ). For PushManagement , this Method shall be called from an authenticated SecureChannel and from a Client that has access
• OPC-10000-12 – OPC Unified Architecture - Part 12: Discovery and Global Services
  7.8.2.6 AddCertificate
  from a Client that has access to the CertificateAuthorityAdmin Role (see 7.2 ). For PushManagement , this Method shall be called from an authenticated SecureChannel and from a Client that has access
• OPC-10000-12 – OPC Unified Architecture - Part 12: Discovery and Global Services
  7.8.2.7 RemoveCertificate
  from a Session that has access to the CertificateAuthorityAdmin Role (see 7.2 ). For PushManagement , this Method shall be called from an authenticated SecureChannel and from a Session that has access
• OPC-10000-12 – OPC Unified Architecture - Part 12: Discovery and Global Services
  7.8.3.2 GetRejectedList
  trusted. For PullManagement , this Method is not present on the CertificateGroup . For PushManagement , this Method shall be called from an authenticated SecureChannel and from a Client that has access
• OPC-10000-12 – OPC Unified Architecture - Part 12: Discovery and Global Services
  7.10.1 Overview
  Overview If a Server supports PushManagement it is required to support an information model as part of its AddressSpace . It shall support the ServerConfiguration Object shown in Figure 23 . Figure ... manage. For example, a Server may have associated Client applications that do not support PushManagement so the Server can become a proxy for these Clients
• OPC-10000-12 – OPC Unified Architecture - Part 12: Discovery and Global Services
  7.10.3 ServerConfigurationType
  defines a concrete ObjectType which represents the configuration of the local Server that supports PushManagement . The ServerConfiguration Object (see 7.10.4 ) is the single instance of this Object that appears
• OPC-10000-12 – OPC Unified Architecture - Part 12: Discovery and Global Services
  8.1 Overview
  into a single application. There are two primary models for KeyCredential management: pull and PushManagement . In PullManagement , the application acts as a Client and uses the Methods on the KeyCredentialService ... application is responsible for ensuring the KeyCredentials are kept up to date. In PushManagement the application acts as a Server and exposes Methods which the KeyCredentialService can call to update
• OPC-10000-12 – OPC Unified Architecture - Part 12: Discovery and Global Services
  8.2 Roles and Privileges
  Well-known Roles for Server managed by a KeyCredentialService Name Description SecurityAdmin For PushManagement , this Role grants the right to change the security configuration of a Server managed
• OPC-10000-12 – OPC Unified Architecture - Part 12: Discovery and Global Services
  8.4 Push Management
  Object in a Server . The interactions between the Administration application and the KeyCredentialService during PushManagement are illustrated in Figure 26 . Figure 26 - The Push Model for KeyCredential Management The Administration ... before initiating the credential request on behalf of the Server . Security, when using the PushManagement model, requires an encrypted channel and Clients with acccess to the SecurityAdmin Role
• OPC-10000-12 – OPC Unified Architecture - Part 12: Discovery and Global Services
  8.6.1 Overview
  Overview The AddressSpace used for PushManagement is shown in Figure 28 . Clients interact with the Nodes defined in this model when they update the KeyCredentials used by a Server
• OPC-10000-12 – OPC Unified Architecture - Part 12: Discovery and Global Services
  G.2 Application setup with the PushManagement
  Application setup with the PushManagement Applications that support PushManagement (see 7.4 ) to initialize their configuration shall have a default Certificate assigned before the PushManagement process can start. In addition, applications
• OPC-10000-21 – OPC Unified Architecture - Part 21: Device Onboarding
  3.1.7 DCA Server
  Server a DCA which is a Server and supports PushManagement
• OPC-10000-21 – OPC Unified Architecture - Part 21: Device Onboarding
  3.1.9 Device Configuration Application (DCA)
  interact with the Registrar. Note 2 to entry: the Registrar uses PushManagement (see 7.3 ) to interact with a DCA which is a Server
• OPC-10000-21 – OPC Unified Architecture - Part 21: Device Onboarding
  4.2.4 Trust on First Use (TOFU)
  configuration ( PullManagement , see 7.2 ) or wait for another application to provide its configuration ( PushManagement , see 7.3 ). Once the onboarding process completes the DCA is supplied with credentials that authorize Applications
• OPC-10000-21 – OPC Unified Architecture - Part 21: Device Onboarding
  4.3.2 Onboarding
  which interacts with the Registrar using the interactions described in PullManagement ( 7.2 ) or PushManagement ( 7.3 ). These interactions are secured with a DeviceIdentity Certificate . After authentication completes, the DCA is issued
• OPC-10000-21 – OPC Unified Architecture - Part 21: Device Onboarding
  4.3.5 Operation
  possible to update the TrustList and/or renew the Application Instance Certificate using the CertificateManager PushManagement or PullManagement described in OPC 10000-12 . Some Devices may allow the Application configuration
• OPC-10000-21 – OPC Unified Architecture - Part 21: Device Onboarding
  6.3 Authentication
  Client or a Server . Clients use PullManagement which is defined in 7.2 . Servers use PushManagement which is described in 7.3 . Devices which are a Client and a Server ... participate in the network. The SoftwareUpdateManager may use the software update model ( PushManagement only) in OPC 10000-100 or it may rely on proprietary mechanisms that are specific
• OPC-10000-21 – OPC Unified Architecture - Part 21: Device Onboarding
  7.1 Overview
  between the Registrar and the Device is secured with a DeviceIdentity Certificate . When using PushManagement ( 7.3 ), the Registrar is a Client that calls GetEndpoints via connection without security ... match. If that fails it either calls the RequestTickets Method on the DCA (see PushManagement in 7.3 ), or returns a code from ProvideIdentities Method that tells the DCA to call
• OPC-10000-21 – OPC Unified Architecture - Part 21: Device Onboarding
  7.3 Push Management
  Push Management Servers may use PushManagement which is illustrated in Figure 6 . Figure 6 - Device Authentication using Push Management See 7 for a complete description of the authentication process. Each
• OPC-10000-21 – OPC Unified Architecture - Part 21: Device Onboarding
  9.1 Overview
  defines the Information Model implemented in a DCA Server that provides support for PushManagement defined
• OPC-10000-21 – OPC Unified Architecture - Part 21: Device Onboarding
  9.2.1 Overview
  authenticate themselves. It also allows Endpoints for new Devices to be manually registered for PushManagement when no multicast discovery mechanism is available. Figure 10 - Registrar Address Space for Onboarding Workflow
• OPC-10000-21 – OPC Unified Architecture - Part 21: Device Onboarding
  9.2.5 RegisterDeviceEndpoint
  Registrar knows the location of a Device it schedules a task that uses PushManagement to complete the onboarding process. This Method shall be called from an authenticated SecureChannel and from
• OPC-10000-21 – OPC Unified Architecture - Part 21: Device Onboarding
  9.3.1 Overview
  Overview Devices that support PushManagement described in 7.3 have a Server that implements the Information Model shown in Figure 11 . This Information Model allows Registrars to authenticate Devices
• OPC-10000-21 – OPC Unified Architecture - Part 21: Device Onboarding
  9.3.2 ProvisionableDevice
  well-known Resource which is used to authenticate a Device using PushManagement . It is a target of an Organizes Reference from the Resources Object defined ... Rule OrganizedBy the Resources Object defined in OPC 10000-22 . Conformance Units Onboarding Server PushManagement
• OPC-10000-21 – OPC Unified Architecture - Part 21: Device Onboarding
  9.3.3 ProvisionableDeviceType
  ProvisionableDeviceType The ProvisionableDeviceType ObjectType defines Objects that support PushManagement described in 7.3 . The ObjectType is defined in Table 33 . Table 33 - ProvisionableDeviceType Definition Attribute Value BrowseName 0:ProvisionableDeviceType IsAbstract False ... HasComponent Object 0:<ApplicationName> 0:ApplicationConfigurationType OptionalPlaceholder Conformance Units Onboarding Server PushManagement The IsSingleton Property indicates whether the DCA and the operational Server are the same. If TRUE
• OPC-10000-21 – OPC Unified Architecture - Part 21: Device Onboarding
  9.3.4 RequestTickets
  list of Tickets stored on the Device . It is called by a Client using PushManagement to authenticate a Device. The Registrar follows the process described in 7 to select