SEMI E132 - 장비클라이언트 인증과 권한 부여에 대한 사양
This Standard was technically approved by the Information & Control Global Technical Committee. This edition was approved for publication by the global Audits and Reviews Subcommittee on December 23, 2013. Available at www.semiviews.org and www.semi.org in March 2014; originally published March 2004; previously published August 2010.
This Specification describes a method for restricting access to communication with equipment by requiring clients to authenticate to the equipment before proceeding with subsequent communication, and provides a flexible authorization scheme to control client application access. Authorization allows parties who want to exchange information with or control the equipment to do so on a need-to-know and/or need-to-use basis.
The authorization scheme specified in this Standard allows equipment vendor the flexibility to provide access control at any level of granularity, ranging from no access control restrictions, predefined role-based access control, to very fine-grained control.
This is a Standard that applies to all semiconductor manufacturing equipment that requires authentication and authorization for its services. It does not apply to communication that is governed by the SEMI E30 communication and control state models.
This Standard does not require data transmitted over an established session to be encrypted, encryption is only required as specified by the authentication protocol. It is assumed that the interface specified by this Standard will be operating in an environment where there are no malicious attacks such as inside a closed factory network.
Referenced SEMI Standards
SEMI E30 — Generic Model for Communications and Control of SEMI Equipment (GEM)
SEMI E121 — Guide for Styleand Usage of XML for Semiconductor Manufacturing Applications
SEMI E128 — Specification for XML Message Structures