Part of the Integration Architecture; An authorisation layer is the implementation of a security model.
Consideration will need to be given to how information management, governance and security applies across multiple organisations. For example, an asset owner may be prepared to share different sets of data from a digital twin with a variety of users accessing the twin’s data through the authorisation engine, using different integration tools. This limits and governs access to data otherwise discoverable through the discovery protocol. Security concerns may mean that some potentially available models and data sets do not even appear in a particular user’s view of the catalogue, since publication of their existence may be a risk to sensitive assets and information. Twin owners will be able to use the languages described in the FDM and RDL to specify the purposes to which their twins or the data produced from them may be put, limiting the types of models that can be conjoined so as to protect intellectual property and commercially sensitive operational data from malicious intent (through both policy and technical measures). This manages communication between digital and physical twins so as to mitigate potential hostile or malicious interference with the assets.
- Edited by Peter El Hajj