4.1 Security Perspective

As stated in Section 1.1, one strategic requirement of the International Data Spaces is to provide secure data supply chains. This is critical for establishing and maintaining trust among Participants that want to exchange and share data and use Data Apps. The IDS Security Architecture provides means to identify devices in the IDS, protect communication and data exchange transactions, and control the use of data after it has been exchanged.

IDS Connectors ensure that the specifications and requirements of the Security Architecture materialize in everyday interactions and operations in the International Data Spaces. The first section further explains the relations of the Security Perspective and the different layers of the IDS RAM. The remaining aspects for the security perspective are separated into multiple sections:

Identity and trust management for devices and involved entities in the IDS is explained in Section 4.1.2. Security requirements and concepts for different aspects and layers of an IDS connector are explained as well: They are split into security measures necessary on the platform layer in Section 4.1.3 and on the application layer in Section 4.1.4. The security of communication between multiple secured components is addressed in Section 4.1.5. Finally, Section 4.1.6 concludes the security perspective by explaining usage control and its realization based on a properly secured IDS component.