Security Metamodel #69
Comments
|
"If Subject X has the Permission Read on the AAS itself, does this implicitly also apply Permission Read to all Submodels?" No, this is not the case. The AAS just contains logical IDs of its submodels. If you want to access the submodels themselves you need to fetch the endpoint of a submodel via the registry. The submodel can have completely different access rights. With respect to permissions: the metamodel does not predefine any permissions. Instead, it assumes that the permissions are defined in a submodel. This includes clear semantics of the permissions defined in this submodel like the one you ask: does write include read permission. Up to now there is no standardized submodel template for permissions. |
|
The second question is not clear to me, do you mean APIs for accessing information at runtime? |
|
You may be interested in this video from @aorzelskiGH on security with the Asset Administration Shell: https://youtu.be/CH_mguOJ0Ko |
|
07.03.22: wait for @aorzelskiGH |
|
@gillistephan any updates on your question after the meeting with Andreas on 31.1.? Something which might be valuable for the I4.0 community and can be posted in our Q&A list. |
|
currently Chapter 7 of DotAAS is the only authoritative source |
Discussed in #63
Originally posted by gillistephan December 22, 2021
Hi everyone, I have a question / looking for some hints regarding the (1) modeling and implications of the Security Metamodel in order to implement proper authz and (2) scenarios for operation.
Question 1:
To keep it simple, I will not refer to the actual properties in the AAS itself and only use the basic relations (read, write) between Subjects and Objects. Lets assume the case we want to model an AAS with some Submodels and the respective Security. For an easy case that some Subject X has Permission Read on Submodel Y, the evaluation is pretty straight forward when Subject X requests access to Submodel Y. A little more difficult case would be, when Subject X has Permission Read on the AAS Z itself. While there are no further constraints on Submodels, the question is: If Subject X has the Permission Read on the AAS itself, does this implicitly also apply Permission Read to all Submodels? The same holds true for the question: If Subject X has Write Permission on Submodel Y, does this implicitly apply the Permission Read? If Subject X has Read Permission on Submodel Y and Submodel Y references any ConceptDescription, does this implicitly apply the Permission Read to the ConceptDescription?
I hope my point is clear - So the overall question is: Can subjects be recursive (by not only referencing a specific subject but also a set of subjects) or should / must indirections be modeled? Would be good, to get some clarification here, as the implementations of a checker would be considerable different.
Question 2:
Are there any best practices / or implementations going on for AAS-Runtimes?
The text was updated successfully, but these errors were encountered: