ROS2 Security Working Group Online Meeting

Presently, the capabilities for ROS topics are distinguished as publish/subscribe. I’d suggest we formalise the terminology for the accompanying sub-systems as well, for: parameters, services, actions.
I’d propose the following breakdown of capability primitives:

| Subsystem  | Capabilities       |
|------------|--------------------|
| topics     | publish, subscribe |
| parameters | read, write        |
| actions    | call, execute      |
| services   | request, reply     |

Perhaps others may have suggestions per the exact choice of vocab (e.g. reply vs response) to adopt.

This collection of subject permissions above reflects the symmetry of roles for each given subsystem object interface. Should it be necessary, we should anticipate extending the number of capability types. For example, while the pub/sub and server/client roles in topics and services are rather straightforward, what of finer restrictions when provisioning for parameters and actions? Should practices such as a same-origin policy be implementable when controlling who can cancel whose particular goal, or who can write to which particular parameter?
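As an added illustration of the proposed capability primitives and of the same-origin question for action goals (example code I wrote for this thread, not ROS 2 or SROS2 code; the subject names, the `/navigate` action and the goal ids are made up):

```python
from dataclasses import dataclass, field

# Capability vocabulary from the table above (constructed example, not the SROS2 policy schema).
CAPABILITIES = {
    "topics": {"publish", "subscribe"},
    "parameters": {"read", "write"},
    "actions": {"call", "execute"},
    "services": {"request", "reply"},
}


@dataclass
class Policy:
    # grants[subject] -> set of (subsystem, capability, object_name)
    grants: dict = field(default_factory=dict)
    # owner of each accepted action goal, keyed by (action, goal_id)
    goal_owner: dict = field(default_factory=dict)

    def grant(self, subject, subsystem, capability, obj):
        # reject vocabulary outside the agreed primitives so typos do not silently grant nothing
        if capability not in CAPABILITIES.get(subsystem, ()):
            raise ValueError(f"unknown capability {capability!r} for {subsystem}")
        self.grants.setdefault(subject, set()).add((subsystem, capability, obj))

    def allowed(self, subject, subsystem, capability, obj):
        return (subsystem, capability, obj) in self.grants.get(subject, set())

    def send_goal(self, subject, action, goal_id):
        # sending a goal is the client-side "call" capability; record who originated it
        if not self.allowed(subject, "actions", "call", action):
            return False
        self.goal_owner[(action, goal_id)] = subject
        return True

    def cancel_goal(self, subject, action, goal_id):
        # finer-grained rule on top of "call": same-origin, only the goal's originator may cancel it
        if not self.allowed(subject, "actions", "call", action):
            return False
        return self.goal_owner.get((action, goal_id)) == subject
```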

