IoT Data Security
The ThingWorx Platform has an access control list (ACL) model that allows the administration of ThingWorx Platform authorization to a very granular level. The ThingWorx Platform has overlaying levels of security that can be applied. Access control can be granted or denied at the most granular level, such as specific read or write access to a single Thing Property. In case of a conflict, the most restrictive security setting is honored. There are separate permission settings for Design-Time and for Run-Time. Both Design-Time and Run-Time permissions can be set for any entity in the system. All entities follow essentially the same model. Design-Time permission settings are as follows:
õõ õõ õõ õõ
Create entity Read entity Update entity Delete entity
Run-Time permission settings are as follows: (Figure 1)
õõ õõ õõ õõ õõ
Property Read Property Write Event Execute Event Subscribe Service Execute
••• Figure 1 Pictured here are the Run-Time permission settings of the ThingWorx Platform. 37