OLE for Process Control has defined interfaces for Data Access Servers, Event Servers, and Historical Data Access Servers. These servers provide information that is valuable to the enterprise and if improperly updated, could have significant consequences to plant processes. Therefore, there is a need to control client access to these servers in order to protect this sensitive information and to guard against unauthorized modification of process parameters.
Security must be provided in a standard manner, consistent among implementations of OPC Servers by various vendors, to permit the implementation of portable client applications.
Security must be well integrated with Windows NT and be as transparent as possible to the client application. Ideally, security should “just be there” with no special actions by the client application required in order for security to be enforced.
The purpose of this document is to specify how OPC Servers should implement security using operating system facilities. In addition, usage guidelines are provided for the OPC Client implementation to interact with a security aware OPC Server.
This specification is analogous to the OPC Common specification in that it applies to all of the defined OPC Servers.