About the security architecture

The OPC UA security architecture is structured into an application layer and a communication layer, both on top of the transport layer.

Figure 1. OPC UA security architecture


A session in the application layer transmits information, settings and commands between a client application and a server application. The application layer also manages security objectives, user authentication and user authorization. The application layer communicates over a secure channel in the communication layer and relies upon it for secure communication. For data from the application layer, the secure channel provides encryption to maintain confidentiality, message signatures to maintain integrity and digital certificates to provide application authentication. It then securely passes that data to the transport layer.
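
The layering above can be checked against the endpoints a server offers. The following is an added example, not code from this documentation or from any OPC UA product: it audits endpoint descriptions and attributes each finding to the layer responsible for it. The `Endpoint` class, the `audit` function and the sample endpoints are assumptions constructed for illustration; the security mode names and SecurityPolicy URIs are the standard OPC UA ones.

```python
from dataclasses import dataclass

POLICY_NS = "http://opcfoundation.org/UA/SecurityPolicy#"
DEPRECATED = {"Basic128Rsa15", "Basic256"}  # policies the OPC Foundation has deprecated

@dataclass(frozen=True)
class Endpoint:              # hypothetical model of an endpoint description
    url: str
    mode: str                # MessageSecurityMode: "None", "Sign", "SignAndEncrypt"
    policy_uri: str          # SecurityPolicy URI
    user_tokens: tuple       # user identity token types the endpoint accepts

def audit(ep):
    """Return (layer, finding) pairs for one endpoint."""
    out = []
    policy = ep.policy_uri.rsplit("#", 1)[-1]
    unprotected = ep.mode == "None" or policy == "None"
    # Communication layer: the secure channel signs, encrypts and
    # authenticates the two applications with certificates.
    if unprotected:
        out.append(("channel", "no signing, encryption or application authentication"))
    else:
        if ep.mode == "Sign":
            out.append(("channel", "signed but not encrypted"))
        if policy in DEPRECATED:
            out.append(("channel", "deprecated policy " + policy))
    # Application layer: the session authenticates users and relies on the channel.
    if "Anonymous" in ep.user_tokens:
        out.append(("session", "anonymous users accepted"))
    if unprotected and any(t != "Anonymous" for t in ep.user_tokens):
        out.append(("session", "user authentication runs over an unprotected channel"))
    return out

# Constructed sample endpoints (not taken from a real server).
ENDPOINTS = [
    Endpoint("opc.tcp://plc.example:4840", "None", POLICY_NS + "None",
             ("Anonymous", "UserName")),
    Endpoint("opc.tcp://plc.example:4840", "Sign", POLICY_NS + "Basic256",
             ("UserName",)),
    Endpoint("opc.tcp://plc.example:4840", "SignAndEncrypt",
             POLICY_NS + "Basic256Sha256", ("UserName", "Certificate")),
]

if __name__ == "__main__":
    for ep in ENDPOINTS:
        for layer, finding in audit(ep):
            print(f"{ep.mode:15} {layer:8} {finding}")
```

An endpoint with no findings is one where the session's user authentication runs over a channel that is both signed and encrypted under a current policy.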