Secure Event Management (SEM)
This Specific Enabler (SE) provides a scalable and flexible service to collect and dispatch, in a controlled way, events in Smart Factory environments. The SE manages events using distinct, autonomous and independent partitions (namespaces) whose number and structure depend only on the functional needs of the production site. Events are associated with specific nodes in a namespace. The access control mechanism provided by the SE manages access rights (publish or subscribe) to a specific node or to a set of nodes in a namespace, thus ensuring that only specific, authorized entities can send or receive events. The Specific Enabler architecture is highly scalable and is compliant with the AMQP standard (http://www.amqp.org) for message-oriented middleware.
The SEM is a middleware component that acts as a secure, flexible, and scalable connector between event sources (i.e. Publishers) and event consumers (i.e. Subscribers).
Token elements are based on the Security Assertion Markup Language (SAML) and eXtensible Access Control Markup Language (XACML) standards (with some extensions).
The Secure Event Management supports a capability-based access control mechanism to govern access to events' namespaces, from single namespace nodes up to sets of disjoint nodes or whole namespace subtrees.
The SEM includes features and specific service elements to generate access capabilities (access tokens) and capability revocation tokens, as well as to revoke granted access rights (i.e., revoke access tokens).
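The check described above, sketched as an added example (not the SEM's own code or token format, which is SAML/XACML based). It assumes slash-separated node paths, a token bound to one holder, and a set of revoked token ids; all class, field and function names are hypothetical.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Scope:
    node: str       # namespace node path (assumed syntax), e.g. "/plant/line1"
    subtree: bool   # True: node and all descendants; False: that node only

@dataclass(frozen=True)
class Capability:
    token_id: str
    holder: str
    right: str      # "publish" or "subscribe"
    scopes: tuple   # one node, several disjoint nodes, or whole subtrees

def _segments(path):
    # Split into path segments; reject empty and dot segments instead of
    # normalising them, so "/a/../b" can never be reinterpreted as "/b".
    parts = path.strip("/").split("/")
    if not path.startswith("/") or any(p in ("", ".", "..") for p in parts):
        raise ValueError(f"malformed node path: {path!r}")
    return parts

def covers(scope, node):
    s, n = _segments(scope.node), _segments(node)
    if scope.subtree:
        # Segment-wise prefix: "/plant/line1" must not cover "/plant/line10".
        return n[:len(s)] == s
    return n == s

def authorize(cap, holder, right, node, revoked_ids):
    """Default deny: the event passes only if every condition holds."""
    if cap.token_id in revoked_ids:       # a revocation token was issued
        return False
    if cap.holder != holder or cap.right != right:
        return False
    try:
        return any(covers(sc, node) for sc in cap.scopes)
    except ValueError:                    # malformed path: deny
        return False

# Constructed sample capability: one subtree plus one disjoint single node.
CAP = Capability("tok-001", "mes-gateway", "subscribe",
                 (Scope("/plant/line1", True), Scope("/plant/line2/oven", False)))
```

Matching on path segments rather than with a plain string prefix is what keeps a grant on one node from leaking to a sibling whose name merely starts with the same characters.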