Comment: Update on MQTT security

...

Other technologies somewhat investigated in CCS project:

  • MQTT: When a connection is established the client must authenticate. A simple method is user/password, but it can use the extended authentication described in MQTT 5, including multiple challenge-response message exchanges between client and server, before a connection is established. Using authentication methods as described by SASL is recommended, but beyond that there are no requirements in the MQTT specification. The particular implementation details must be agreed between server and client and implemented compatibly. In other words, when reusing implementations, it is necessary to check what they support.
    • Topic access control: A server could theoretically limit subscription to particular topics depending on the identity that was associated with the active connection when the initial authentication was performed. How to do this also does not seem to be described in detail. In other words, it must be a particular implementation in a particular case.
    • Conclusion:  There seems to be work to do here to define, and implement, the mechanism specifically for VSS signal access, based on the topic tree defined from VSS.
  • Options in Apache NiFi / related technologies? - TBD
  • Access control principles defined by WAMP - TBD
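
A sketch of the per-identity topic access control discussed in the MQTT item above, as an added example (it is not code from the CCS project or from any MQTT broker). It assumes VSS paths map to topics by replacing "." with "/"; the identities and ACL entries are constructed sample data. A wildcard subscription is granted only if an allowed filter covers everything it could match.

```python
# Added example: authorizing MQTT SUBSCRIBE requests against a per-identity ACL.
# Assumption: a VSS path such as Vehicle.Speed becomes the topic Vehicle/Speed.

def vss_to_topic(path):
    return path.replace(".", "/")

def valid_filter(topic_filter):
    """MQTT rules: '#' only as the last level, wildcards occupy a whole level."""
    levels = topic_filter.split("/")
    for i, level in enumerate(levels):
        if level == "#" and i != len(levels) - 1:
            return False
        if level not in ("#", "+") and ("#" in level or "+" in level):
            return False
    return topic_filter != ""

def filter_covers(allowed, requested):
    """True if every topic matched by `requested` is also matched by `allowed`."""
    a, r = allowed.split("/"), requested.split("/")
    for i, level in enumerate(a):
        if level == "#":
            return True            # covers this level and everything below it
        if i >= len(r):
            return False           # requested is shorter than the allowed filter
        if level == "+":
            if r[i] == "#":
                return False       # '#' is wider than a single-level wildcard
            continue
        if level != r[i]:
            return False           # also rejects a requested wildcard vs. a literal
    return len(a) == len(r)

# Constructed sample ACL, keyed by the identity bound to the connection at auth time.
ACL = {
    "hvac-app": ["Vehicle/Cabin/HVAC/#"],
    "telemetry": ["Vehicle/Speed", "Vehicle/Powertrain/+/Speed"],
}

def authorize_subscribe(identity, requested_filter):
    """Default deny: unknown identities and malformed filters get nothing."""
    if not valid_filter(requested_filter):
        return False
    return any(filter_covers(a, requested_filter) for a in ACL.get(identity, []))

if __name__ == "__main__":
    for who, flt in [("hvac-app", "Vehicle/Cabin/HVAC/#"), ("hvac-app", "Vehicle/#"),
                     ("telemetry", "Vehicle/Powertrain/#"), ("nobody", "Vehicle/Speed")]:
        print(who, flt, "ALLOW" if authorize_subscribe(who, flt) else "DENY")
```

Matching the requested filter as if it were a plain topic name would let a client that is limited to one branch subscribe to `Vehicle/#` and receive the whole tree, which is why the check compares filter against filter.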

...