Trusted Exchange

DSBA - CTO architecture coherence [DRAFT. NOT APPROVED]

Security Profiles
Certification
Remote Attestation, remote integrity verification
Trust Authority for verifying trustworthiness of participants
European identification
IDS Connector implementation

i3-Market Project

An Identity and Access Management system based on Decentralized/Self Sovereign Identity and Verifiable Credentials
Smart Wallets with different level of security (Cloud/HW Wallet).
Smart Contracts.
A Data monetization system based on crypto currency for secure, trusted and cost-effective peer-to-peer payments.

Go to the .

i3-Market Project

Tokenization
interaction with the decentralized ledger of the Data Storage system and with the Data Access System for the monetization of the data assets.

Smart Connected Supplier Network

Digital platforms, interconnected using IDS
Independent ‘address book’ for routing communication
Several providers
One-time integration with own ERP system
Registration in the SCSN address book

ECI - TNO

IDS Connector
SCSN platform
DAPS

iSHARE Foundation

iSHARE Satellite
Participant registration service for data spaces, allowing data spaces to make participants known in their data space and also across data spaces.
Totally federated 'trust phone book' to discover participants, find the trust level and the roles, and of course the data space.

i4Trust

services are used at this moment. This service has been defined implementing Trust Anchor functions within data spaces to verify trust of participants.

CS4EU project

FE2MED (Functional encryption to Medical Data)

Design Principles Position Paper

Trust is a necessary feature in any data-sharing environment, i.e. also for predictive maintenance. Unfortunately, predictive maintenance is difficult to achieve, as algorithms used are still not as effective as desired, and the quality of outcome often is not sufficient, due to a lack of reliable data. Nevertheless, integrating and leveraging data from partners – and even from competitors or companies from different sectors (OEMs, maintenance equipment producers, energy companies) – can be of great benefit for all participants. To overcome the lack of trust currently still prevailing, data sovereignty concepts and services should be employed

AgriSpace4Trust

aims to integrate i4Trust Marketplace Framework working with FIWARE’s Smart Models and linked data following the latest NGSI-LD specifications. In addition, iSHARE integration to a third-party SensorPassport implementation will build trust within the community. SensorPassport includes functionalities on validating sensor operations, credibility, access, authorization and account control through iSHARE integration.

iSHARE Foundation

Distributed Ledger node for federated registration of participants in data spaces, hence enabling legal and organisational interoperability.

Datavillage

: A confidential computing environment to process data from different parties while ensuring data confidentiality and algorithm ownership.
- End to end data encryption with algorithm integrity through enclaving
- No data leak with whitelist sandboxing
- Automate secure deployment on cloud providers
- Data access management with data activity ledger
- Interoperability with linked data and knowledge graph
: A personal data store where individuals control and manage their data.
- Extend your data mesh with personal data store
- Rely on user centric data model, feed and connect first and third party data
- Get customer consent and access data in full transparency
- Process data from Data Pod to the Data Cage

i4Trust

iSHARE provides testing and operation instances of the service.
API gateways used in i4Trust are available in the FIWARE Catalogue. The extended version of the is recommended.
of pioneer use cases relying on the i4Trust framework and using iSHARE Satellite services as basis for verifying trust of participants.

CS4EU project

The Functional Encriptation for Medical (FE2MED) asset is used in CyberSec4Europe (CS4EU) projec. CS4RU goal is provide security measures when medical data are shared. It secures data sharing by using this functional encryption tool. FE2MED ensures data integrity and confidentiality, Leveragecrypto libraries which implement Inner product schemes (e.g., simpleDDH or damgardDDH) for computing data sets providing statistical results to the data consumers. It also implements ABE schemes: KP-ABE schemes ensuring that only selected recipients are able to see certain data. It provides a graphical user interface for facilitating the KP-ABE use. FE2MED is a service currently deployed on premise.

It can be ceployed as a Service

ECI - TNO

A metal company purchases metal sheets to their providers as well as they receive orders from customers. Through the SCSN and IDS network they can receive orders through ECI gatewise and the IDS network to supply drive. Therefore, they can send a purchase order to their providers and they can receive purchase orders from their clients, even though they have different platforms. Information can be transmitted no matter where connectors and suppliers are connected, making sure that every type of business gets digitized and isn’t left behind.

ADVANEO DMP

The is a collaboration portal that enables the data-sovereign formation of Data Spaces for data-driven applications. Integrated AI tools, data models and applications as well as free access to millions of Open Data support the development of data-driven innovation projects. The DMP has no contact with the actual raw data, being directly transmitted to the interested party in peer-to-peer encrypted form by an IDS-Connector. Only the exploitation result is accessible, enabling the sharing of confidential data in value chains.

Vastuu Group

The goal of the was to use the IDS standard to reveal the energy consumption and emissions information found in Helsinki Region Transport’s (HSL) and a specific city district’s data platforms. This way the data of both public transport and buildings could be taken into account when searching for ways to reduce the energy consumption and carbon footprint in a certain area. The project required developing a solution that would enable smooth data transfer without sacrificing information security.

AgriSpace4Trust

enables the prosumption of data services to optimise energy inputs in olive production creating new data-driven services. It proposes to create data hubs supported by i4trust data space that exploit local weather stations or agro-environmental sensors and open them to a broader community of local users. This way, opinion leaders and tech-savvy farmers will invest in buying specialised equipment, and data can be shared at will, including cooperatives and farm advisors/ agronomists.

Datavillage

TAILORED CONTENT DISCOVERY FOR END-USERS

Enable the analysis and processing of sensitive personal data aiming better content recommendation through data sourced directly by your users in a compliant and secure way. Let users consume online content on multiple platforms with their own reputation, identity and history. Don't collect the data in your system but access and process it via the end-users Data Pod and the Data Cage.

TAILORED CONTENT DISCOVERY FOR END-USERS

Enable the exploration and processing of user behaviors with other media & entertainment companies in a compliant and secure way (GDPR, e-privacy ...).

CS4EU project

Use Case MD-UC1: Sharing Sensitive Health Data Through an API The FE2MED asset, used in CyberSec4Europe project, secures data sharing by using this functional encryption tool.

The Medical Data Exchange demonstrator is intended to increase the trustworthiness between stakeholders when sharing medical data through a marketplace platform thus generating new business opportunities. This will be achieved by using a real environment provided by the COVID-19 Data Exchange platform50 (COV19DEP)launched by Dawex, which will offer to the users an anonymization service and a functional encryption service for increasing the user privacy and security when sharing data.

The figure below shows the basic flow of this Medical Data use case.

iSHARE Foundation

There is a governance structure to the ledger and hence provides measures for changes and eventual fixes.

Datavillage

Flexibility to deploy on any cloud provider
Development environment with test data required
In memory processing

CS4EU project

The main functionalities should be deployed on the data provider infrastructure for minimising data leaks.

Datavillage

A database integrated into the confidential computing environement is missing. We are looking to integrate an in memory graph database like redis.

i4Trust

Convergence with other alternative Trust Anchor services (Gaia-X, IDS, EBSI) is being analysed under the DSBA (Data Spaces Business Alliance).

CS4EU project

User interface could be made more friendly and additional crypto schemes can be included. Mechanisms for sharing decrypting keys.

High TRL

High-tech domain: Smart Connected Supplier Network (SCSN) + IDSA

Low TRL

Metal domain: Market 4.0
Plastic domain: Market 4.0

iSHARE Foundation

Find more information in webpage.

CS4EU project

More information about Cyber Security for Europe project and the use cases are described at the D5.5 Specification and set-up demonstration case Phase 2. [https://cybersec4europe.eu/wp-content/uploads/2022/01/D5.5-Specification-and-set-up-demonstration-case-Phase-2-v1.0_submitted.pdf]