Comment on page


sequence overview
Sequence Specification
Connector to Dynamic Attribute Provisioning Service (DAPS)
Connector to Participant Information Service (ParIS)
Connector to Metadata Broker
Connector to App Store
Connector to Vocabulary Provider
Broker to DAPS
Clearing House to DAPS
App Store to DAPS
Vocabulary Provider to DAPS
Since all IDS components are, at their core, a Connector, the connection of these to the DAPS (sequence 8-12) is designed in the same way as that of the Connector to the DAPS.

General Component Interaction

In general, each communication between two components includes the following building blocks:
Every communication requires an authenticated, integrity-protected and encrypted connection. The verification of the connector's identity is based on the IDS identity certificate (X.509v3), dynamic attributes and details for the company operating the connector. Additionally, connectors in the Trust or Trust+ Level need to prove their integrity with Remote Attestation based on a transmitted Attestation Report. Based on the secure channel, the desired IDS interaction is conducted as described in the Sequence Specifications above. If no secure channel can be established, the IDS interaction must not be executed.
After the IDS Message was handled, the process/communication channel is terminated if no further interaction is required. Otherwise, the behavior depends on the utilized communication protocol. For a communication with the IDS-REST protocol or Multipart, the communication channel will be re-established for every IDS Message. With the IDSCP2, the communication channel is established once via the IDSCP2 Transport Layer Protocol and all IDS interactions will be executed via this channel with the IDSCP2 Application Layer protocol.
Last modified 3mo ago