Securing access to Orion Context Broker entities

109 views Asked by At

I am searching for a solution, that the value of an attribute of a certain entity in the Orion Context Broker, which is secured with a Wilma PEP Proxy and Keyrock, can only be changed by a specific user (the one who created the entity).

The Context Broker contains multiple entities, for which I want to restict the access depending on "entity-owner".

How could I proceed to achieve this?

1

There are 1 answers

1
fgalan On

Not sure about Wilma PEP, but with Steelskin PEP (and side componentes Keystone and Keypass) you can use multitenancy to secure the access to your entities, at two levels:

Thus, users in a given subservice (in a given service) would access only to the entities belonging to such subservice (in the given service). Access to other subservices will be forbidden.

As a reference, you can use this link as an example to deploy and interact with the different components APIs based on KeyStone security stack.