search

admin-shell-io / questions-and-answers

This repository aims for providing answers to often asked questions in the context of the Asset Administration Shell.
https://admin-shell-io.github.io/questions-and-answers/
Creative Commons Attribution 4.0 International
24 stars 6 forks source link

AssetInformation References #78

Closed felix-schubert closed 1 year ago

felix-schubert commented 2 years ago

I have questions on creating the AssetAdminstrationShell.AssetInformation entities.

Given an asset with serial-number "SN-123" and an RFID identification of "0456" and a namespace "https://company.com/assets/". globalAssetId should be a globally unique reference, hence composed of namespace and serial-number: https://company.com/assets/SN-123

specificAssetId will be a SpecificAssetId for the serial number and a reference for the RFID: {"name": "Serialnumber", "value": "SN-123", "externalSubjectId": ???} {"name": "RFID", "value": "0456", "externalSubjectId": ???}

From 3.0RC02: The (external) subject the specific asset ID belongs to or has meaning to.

I do not understand, what values to use for externalSubjectId.

BirgitBoss commented 1 year ago

Not all specific IDs shall be visible to all users when looking up Asset Administration Shells. For example there typically is a manufacturer-part-ID, but several customer-part-IDs and only the customer shall be able to search for the digital twin via this specific asset ID.

The term "subject" is taken from ABAC (Attribute Based Access Control). It is assumed that the "subject" can be described by a unique ID.

StenGruener commented 1 year ago

@BirgitBoss: could you please provide a minimal example of a reference used for externalSubjectId? Also maybe some words regarding for access control-relevant usage (within Catena-X)?

BirgitBoss commented 1 year ago

In Business Partner Data Management each partner in the ecosystem Catena-X gets a unique ID, the so-called BPN (Business Partner Number). This BPN can then be used as value of externalSubjectId. For every API-access the BPN is given as a token and thus can be checked.

Info: the externalSubjectId will be optional in the next version of the specification. If empty the specific asset ID is visible to all having access to the registry.

StenGruener commented 1 year ago

@felix-schubert are you okay with the answer, Felix?

StenGruener commented 1 year ago

@felix-schubert

felix-schubert commented 1 year ago

Thank you.

StenGruener commented 1 year ago

Q: What values shall be used for externalSubjectId wihtin SpecificAssetId A: Not all specific IDs shall be visible to all users when looking up Asset Administration Shells. For example there typically is a manufacturer-part-ID, but several customer-part-IDs and only the customer shall be able to search for the digital twin via this specific asset ID. The term "subject" is taken from ABAC (Attribute Based Access Control). It is assumed that the "subject" can be described by a unique ID.

{"name": "SerialNumber", "value": "12345678", "externalSubjectId": ""} //discoverable for everyone
{"name": "CustomerPartID", "value": "C1#7234", "externalSubjectId": "BPN_Company1"} //discoverable for Company 1
{"name": "CustomerPartID", "value": "0789_Company2", "externalSubjectId": "BPN_Company2"} //discoverable for Company 2
StenGruener commented 1 year ago

fixed and to be published