LogoLogo
How to Build Dataspaces?Main IDSA AssetsOther ResourcesManifesto for International Data Spaces
IDS-RAM 4
IDS-RAM 4
  • README
  • Front Matter
    • Front Matter
    • Contributing Projects
  • Introduction
    • 1. Introduction
      • 1.1 Goals of the International Data Spaces
      • 1.2 Purpose and Structure of the Reference Architecture
      • 1.3 Relation to other IDSA assets
  • Context of the International Data Spaces
    • 2. Context of the International Data Spaces
      • 2.1 Data-Driven Business Ecosystems
      • 2.2 Data Sovereignty as a Key Capability
      • 2.3 Data as an Economic Good
      • 2.4 Data Exchange and Data Sharing
      • 2.5 Meaningful data
      • 2.6 Industrial Cloud Platforms
      • 2.7 Big Data and Artificial Intelligence
      • 2.8 The Internet of Things and the Industrial Internet of Things
      • 2.9 Blockchain
      • 2.10 Federated frameworks for data sharing agreements and terms of use
      • 2.11 General Data Protection Regulation
      • 2.12 Contribution of the International Data Spaces to Industry 4.0 and the Data Economy
      • 2.13 Privacy in the connected world
  • Layers of the Reference Architecture Model
    • 3 Layers of the Reference Architecture Model
      • 3.1 Business Layer
        • 3.1.1 Roles in the International Data Spaces
        • 3.1.2 Interaction of Roles
        • 3.1.3 Digital Identities
        • 3.1.4 Usage Contracts
      • 3.2 Functional Layer
      • 3.3 Information Layer
      • 3.4 Process Layer
        • 3.4.1 Onboarding
        • 3.4.2 Data Offering
        • 3.4.3 Contract Negotiation
        • 3.4.4 Exchanging Data
        • 3.4.5 Publishing and using Data Apps
        • 3.4.6 Policy Enforcement
      • 3.5 System Layer
        • 3.5.1 Identity Provider
        • 3.5.2 IDS Connector
        • 3.5.3 App Store and App Ecosystem
        • 3.5.4 Metadata Broker
        • 3.5.5 Clearing House
        • 3.5.6 Vocabulary Hub
  • Perspectives of the Reference Architecture Model
    • 4 Perspectives of the Reference Architecture Model
      • 4.1 Security Perspective
        • 4.1.1 Security Aspects addressed by the different Layers
        • 4.1.2 Identity and Trust Management
        • 4.1.3 Securing the Platform
        • 4.1.4 Securing Applications
        • 4.1.5 Securing Interactions between IDS components
        • 4.1.6 Usage Control
      • 4.2 Certification Perspective
        • 4.2.1 Certification Aspects Addressed by the Different Layers of the IDS-RAM
        • 4.2.2 Roles
        • 4.2.3 Operational Environment Certification
        • 4.2.4 Component Certification
        • 4.2.5 Processes
      • 4.3 Data Governance Perspective
        • 4.3.1 Governance Aspects Addressed by the Different Layers of the IDS-RAM
        • 4.3.2 Data Governance Model
        • 4.3.3 Data as an Economic Good
        • 4.3.4 Data Ownership
        • 4.3.5 Data Sovereignty
        • 4.3.6 Data Quality
        • 4.3.7 Data Provenance
        • 4.3.8 Data Space Instances
        • 4.3.9 IDS Rulebook
        • 4.3.10 Privacy Perspective
        • 4.3.11 Governance for Vocabularies
Powered by GitBook

Links:

  • IDSA Website
  • IDSA Github
  • Legal Notice
  • Privacy Policy

© 2016 – 2025 | All Rights Reserved | International Data Spaces Association

On this page
Edit on GitHub
  1. Perspectives of the Reference Architecture Model
  2. 4 Perspectives of the Reference Architecture Model

4.1 Security Perspective

Last updated 2 years ago

As stated in Section 1.1, one strategic requirement of the International Data Spaces is to provide secure data supply chains. This is critical for establishing and maintaining trust among Participants that want to exchange and share data and use Data Apps. The IDS Security Architecture provides means to identify devices in the IDS, protect communication and data exchange transactions, and control the use of data after it has been exchanged.

IDS Connectors ensure that the specifications and requirements of the Security Architecture materialize in everyday interactions and operations in the International Data Spaces. The further explains the relations of the Security Perspective and the different layers of the IDS RAM. The remaining aspects for the security perspective are separated into multiple sections:

Identity and trust management for devices and involved entities in the IDS is explained in Section 4.1.2. Security requirements and concepts for different aspects and layers of an IDS connector are explained as well: They are split into security measures necessary on the platform layer in Section 4.1.3 and on the application layer in . The security of communication between multiple secured components is addressed in Section 4.1.5. Finally, Section 4.1.6 concludes the security perspective by explaining usage control and its realization based on a properly secured IDS component.

first section
Section 4.1.4