8 PubSub Security Key Service model 
8.8 Security Key Service Roles
A SKS should support the well-known Roles for SKS which are defined in Table 176. The NodeIds for the well-known Roles are defined in OPC 10000-6.
Table 176 – Well-Known SKS Roles
| BrowseName | Suggested Permissions |
|---|---|
| SecurityKeyServerAdmin | This Role allows an administrator to manage SecurityGroups and PushTargets on a SKS. This includes executing methods related to management of SecurityGroups and PushTargets on an SKS. |
| SecurityKeyServerAccess | This Role allows a PubSub Application to access an SKS to pull keys.It is the default Role for pull but it is expected that different custom Roles are used for different SecurityGroups. |
| SecurityKeyServerPush | This Role allows an SKS to push security keys to PubSub Applications.This includes executing methods related to PubSub security. |