Preamble Metamodel Versions This document uses the following parts of the “Specification of the Asset Administration Shell” series: IDTA 01001 Part 1: Metamodel in version 3.1 [1] IDTA 01002 Part 2: REST API in version 3.1 [2] IDTA-01003-a Part 3a: Data Specification – IEC 61360 in version 3.1 [3] IDTA 01005 Part 5: Package File Format (AASX) in version 3.1 [4] Scope of this Document This document specifies the security for the Asset Administration Shell and its submodels, i.e. how to use Access Tokens and how to define Access Rules for Authorization. The signing of submodel data will be specified in a next version of this document. This document includes the grammar of a technology neutral model, which is used both for HTTP API 3.1 Query Language and for the Access Rules. In addition, a corresponding JSON schema is defined. Structure of the Document Clause Terms, Definitions and Abbreviations lists Terms, Definitions and Abbreviations Clause Introduction gives a detailed introduction to the security topic Clause Access Rule Model (normative) defines the Access Rule Model (normative) Clause Summary and Outlook provides a summary and outlook Annex Examples of Access Rules in text serialization contains Examples of Access Rules in text serialization Annex Examples of Access Rules in JSON serialization contains Examples of Access Rules in JSON serialization