The authorization scheme specified in this Standard allows equipment vendor the flexibility to provide access control at any level of granularity, ranging from no access control restrictions, predefined role-based access control, to very fine-grained control.
This is a standard that applies to all semiconductor manufacturing equipment that requires authentication and authorization for its services. It does not apply to a communication that is governed by the SEMI E30 communication and control state models.
This Standard does not require data transmitted over an established session to be encrypted, encryption is only required as specified by the authentication protocol. It is assumed that the interface specified by this Standard will be operating in an environment where there are no malicious attacks such as inside a closed factory network.
Subordinate Documents:
SEMI E132.1-1015 - Specification for Soap Binding for Equipment Client Authentication and Authorization (ECA)
Referenced SEMI Standards
SEMI E30 — Specification for the Generic Model for Communications and Control of SEMI Equipment (GEM)
SEMI E128 — Specification for XML Message Structures
No comments:
Post a Comment