View Issue Details

IDProjectCategoryView StatusLast Update
000800210000-014: PubSubSpecpublic2023-06-21 19:43
ReporterRandy Armstrong Assigned ToMatthias Damm  
PrioritynormalSeverityminorReproducibilityhave not tried
Status assignedResolutionopen 
Product Version1.05.02 
Summary0008002: SecurityGroup needs an Identity that can be used to determine access to Variables
Description

When a Publisher reads/subscribes to source variables it needs an identity which is used to determine if the Publisher has access to the source Variables. This is currently an implementation detail for Server.

However, this should be formalized and it should be possible for for administration clients (i.e. the ConnectionManager in FLC) to set this identity.

The expected workflow is when a Publisher starts its access rights are checked before any data is published and if a source Variable is not currently accessible the Publisher reports a Bad_AccessDenied error instead of a value.

The identity should have the minimum privileges needed to publish the configured data (i.e. administrative clients should never be allowed to publish any variable/attribute in the server address space). And the spec should not assume that publishers do the "right thing" if no requirements are provided.

TagsNo tags attached.
Commit Version
Fix Due Date

Relationships

related to 0008001 closedMatthias Damm 10000-014: PubSub SecurityGroup.RolePermssions needs better dicussion on what it is for. 
related to 0007885 acknowledged 10000-002: Security Need a Discussion of How the Role Model is applied to MQTT Brokers 

Activities

Matthias Damm

2022-06-21 12:52

developer   ~0016948

Last edited: 2022-06-21 16:34

For WriterGroups with Security, this is already covered by the RolePermissions setting on the SecurityGroup that is used for controlling the access to the keys.
We just need to state that the roles are also applied to the internal data acquisition.

But we do not have anything for the WriterGroups without security.
We can probably state that WriterGroups without security have an Anonymous role for the internal data acquisition.

If the communication channel is not “public” e.g. if data is sent to a broker using transport security, it is necessary to configure permissions on the WriterGroup.

Matthias Damm

2022-06-23 08:52

developer   ~0017012

There was an agreement in the WG discussion to add the clarification in chapter 6.2.11 Information flow and status handling

For WriterGroups with related SecurityGroup, the permissions on the SecurityGroup are used.
For WriterGroups without related SecurityGroup, the default permission is for Anonymous
Define a standard property RolePermissions to be able to overwrite the default permission on a group without related SecurityGroup

Matthias Damm

2023-06-20 18:42

developer   ~0019576

The proposals from last discussions do not work. The access like through an internal session would have a list of Roles. The SecurityGroup, even if in the same application provides RolePermissions with is not the same.

The following properties would be part of the solution:
Table 4 – General PubSub configuration properties
Key: 0:Roles
DataType: NodeId[]
Description: Indicates the Roles the related PubSub component has when accessing elements in the Server address space.
Key: 0:RolePermissions
DataType: RolePermissionType[]
Description: Indicates the permissions required to access of configure the related PubSub component.

The description in " 6.2.11 Information flow and status handling" can refer to the '0:Roles' Property for the configured case. The question is what is the default. We may want to have a default Publisher and a default Subscriber Role list. A default without configuration could be Anonymous or Observer for Publisher and Operator for Subscriber

Issue History

Date Modified Username Field Change
2022-05-19 11:40 Randy Armstrong New Issue
2022-06-21 12:45 Matthias Damm Assigned To => Matthias Damm
2022-06-21 12:45 Matthias Damm Status new => assigned
2022-06-21 12:52 Matthias Damm Note Added: 0016948
2022-06-21 16:34 Matthias Damm Note Edited: 0016948
2022-06-21 16:35 Matthias Damm Relationship added related to 0008001
2022-06-21 16:36 Matthias Damm Relationship added related to 0007885
2022-06-23 08:52 Matthias Damm Note Added: 0017012
2022-07-05 14:17 Jim Luth Target Version 1.05.02 => 1.05.03 RC1
2023-06-20 18:42 Matthias Damm Note Added: 0019576
2023-06-21 19:43 Matthias Damm Target Version 1.05.03 RC1 =>