Glossary
Last updated
IDS-G
Last updated
Secure platform for distributing s; features different search options (e.g. by functional or non-functional properties, pricing model, certification status, community ratings, etc.).
Organization formally applying for being certified by the .
The process of verifying whether a requesting party is allowed to access a resource or system.
Intermediary managing a metadata repository that provides information about the s available in the International Data Spaces; multiple Broker Service Providers may be around at the same time, maintaining references to different, domain-specific subsets of s.
Building blocks are fundamental components that can be implemented and combined in order to achieve functional data spaces. A building block encompasses at least the basic specifications, and evolves in maturity with more detailed specifications, with sample implementations or templates, and with the instructions, training, testing and support elements that are required to facilitate the delivery of the essential ingredients of data spaces.
Intermediary providing clearing and settlement services for all financial and data exchange transactions within the International Data Spaces.
Shortcut: IDS-CH
Dedicated communication server for sending and receiving data in compliance with the general Connector specification; different types of Connectors can be distinguished (Base Connector vs. Trusted Connector, or Internal Connector vs. External Connector).
The capability of an entity (natural person or corporate) of being entirely self-determined with regard to its data.
A Demilitarized Zone is an IT system (or a part of an IT system) with controlled access.
Shortcut: DMZ
Shortcut: DAPS
Shortcut: DAT
Concept defining the rights and duties (“rules of the game”) for formal data management, ensuring quality and trust throughout the International Data Spaces; mission critical to the International Data Spaces, as a central supervisory authority is missing.
Structure that consists of rules, processes and evaluation criteria to assess the maturity level of an open source project.
The process of verifying the validity of a supplied identity proof.
See also:
Shortcut: IDS-IM
Shortcut: IDSCP
Is the catalog of building blocks that lists various components and frameworks that are developed according to IDS principles.
The IDSA Technical Steering Committee.
The IDSA Working Groups.
Shortcut: IDS
Shortcut: IDSA
Shortcut: IDS-RAM
Shortcut: JWT
Shortcut: IDS-MDB
A minimum viable data space (MVDS) is a combination of components to initiate a data space with just enough features to be usable for secure and sovereign data exchange.
Shortcut: ParIS
Set of rules and conditions regarding one or more transactions in the International Data Spaces.
Server providing maintenance facilities for editing, browsing and downloading vocabularies and related documents; mirrors a set of external third-party vocabularies ensuring seamless availability and resolution.
Trusted third-party entity issuing digital certificates (e.g., x509 certificates); may host services to validate certificates issued. (see )
Governance body certifying components and entities seeking admission to the International Data Spaces; aside from having the final word on granting or denying a certificate, it is responsible for maintaining the (including its catalog of requirements), overseeing and approval of Evaluation Facilities, and ensuring compatibility of evaluation procedures carried out by Evaluation Facilities.
Scheme defining the processes, roles, targets, and criteria involved in the certification of components and entities; maintained by the .
Description of a participating in the IDS for being read by other IDS s; created by the or Data User as the first step of the configuration process; contains information such as the name of the provider or the name of the maintainer, as well as information about the content and type of the data offered or requested, about data communication interfaces, and about usage policies and contracts.
IDS-G specification:
Glossary: .
See .
Self-contained, self-descriptive software package that is distributed via the App Store and deployed inside a ; provides access to data and data processing capabilities; the interface of a Data App is semantically described by the IDS Vocabulary.
Content exposed for exchange via s according to a parametrized Data Service interface; Data Assets are expected to be focused, homogeneous, and consistent over time with regard to granularity, coverage, context, data structure, and conceptual classification.
Core in the International Data Spaces requesting and using data provided by a .
Data interface for data publication () and data consumption (Data Sink), respectively.
Contractual agreement between a and a regarding the exchange of data in the International Data Spaces.
Method or operation with defined functionality to be invoked on a .
Core having complete control over the data it makes available in the International Data Spaces; defines the terms and conditions of use of its data.
Core exposing s via a ; a Data Provider may be an enterprise or other organization, a data marketplace, an individual, or a “smart thing”.
consuming data uploaded and offered by a .
exposing data for being retrieved or subscribed to by a .
See .
Issues Dynamic Attribute Tokens (s) to verify dynamic attributes of s or s.
IDS-G specification
A JSON Web Token containing signed dynamic attributes for s and s.
IDS-G specification:
Governance body providing services related to the certification of components and entities (certification targets) seeking admission to the International Data Spaces; responsible for detailed technical evaluation of targets in consistence with the and its catalog of requirements; reports evaluation results to the .
Intermediary offering services to create, maintain, manage and validate identity information of and for s in the International Data Spaces.
See .
Set of vocabularies and related schema information for the semantic description of International Data Spaces entities (e.g., s or s), data provenance, or licensing information; the core IDS Vocabulary is domain-independent; it can be extended and/or reference third-party vocabularies to express domain-specific aspects.
GitHub
IDS-G specification
IDS-G specification (current V.2)
Deployments of the IDS Reference Test Bed (with or without modifications), made by third-party organizations that are interested in experimenting with IDS-based solutions. Listed on repository.
IDS Deployment Scenario is any implementation made with IDS-compliant components that allows sovereign data sharing (as defined by IDSA), is built with the intention to resolve a problem by means of secure and sovereign data sharing and is adequately documented to enable others to follow the same path.
Glossary .
Set of rules, processes and evaluation criteria to assess the maturity level of a IDS-related open source project. See
The projects that are in the third grade according to the criteria defined in See .
The projects that are in the second grade according to the criteria defined in See .
The projects that are in the first grade according to the criteria defined in See .
Glossary .
The data model of the IDS. It defines all classes, attributes and entities known to the actors in the IDS.
Distributed network of s (i.e., instantiations of the International Data Spaces ), allowing secure exchange of data and guaranteeing .
Association for the development and maintenance of the and associated standards, see and .
Data Exchange and Data Sharing are essential for Data-Driven Business-Ecosystems, as well as the need for . The International Data Spaces Reference Architecture Model (IDS-RAM) defines fundamental concepts for , Data Sharing and Data Exchange. Focusing on the generalization of concepts, functionality, and overall processes involved in the creation of a secure “network of trusted data”, the IDS-RAM resides at a higher abstraction level than common architecture models of concrete software solutions do. The document provides an overview supplemented by dedicated architecture specifications defining the individual components of the International Data Spaces
The model is made up of five layers: The Business Layer specifies and categorizes the different roles which the s of the International Data Space can assume, and it specifies the main activities and interactions connected with each of these roles. The Functional Layer defines the functional requirements of the International Data Spaces, plus the concrete features to be derived from these. The Process Layer specifies the interactions taking place between the different components of the International Data Spaces; it provides a dynamic view of the Reference Architecture Model. The Information Layer defines a conceptual model which makes use of linked-data principles for describing both the static and the dynamic aspects of the International Data Spaces’s constituents. The System Layer is concerned with the decomposition of the logical software components, considering aspects such as integration, configuration, deployment, and extensibility of these components.
In addition, the Reference Architecture Model comprises three perspectives that need to be implemented across all five layers: Security, Certification, and Governance. The Security Perspective defines the common security measures for the International Data Spaces and the concepts for Data Usage Control. The Certification Perspective describes the IDS as a foundation for every interaction in the IDS. The Governance Perspective describes the Responsibilities of the Roles in the IDS.
Glossary:
Glossary
IDS-G
Stakeholder in the International Data Spaces, assuming one or more of the predefined roles; every Participant is given a unique identity by the .
Defined set of a ’s security properties; specifies several security aspects (e.g., isolation level, attestation, or authentication), expressing the minimum requirements a must meet to be granted access to the s exposed.
used for integration of custom s and legacy systems with a .
see )
Set of rules specified by the restricting usage of its data; covers aspects like time-to-live or forwarding conditions (e.g., anonymization or scope of usage); transmitted along with the respective data, and enforced while residing on the of the .