4.2 Certification Perspective
Data security and data sovereignty are the fundamental value propositions of the International Data Spaces. Data sovereignty can be defined as a natural person's or legal entity's capability of being in full control of its data. To enable this control, each participant needs to follow the agreed rules for the IDS and requires reliable information about the guarantees offered by potential business partners. The adherence to rules is ensured by the certification which affects different layers of the IDS RAM as described in Section 4.2.1. The certification based on the defined standards is conducted by the three roles explained in Section 4.2.2.
Any organization or individual seeking permission to operate components in the International Data Spaces needs to pass the Operational Environment Certification which ensures secure processes and management of components. More details are provided in Section 4.2.3.
Comparably, each IDS component is expected to behave in adherence with IDS specifications and to protect the data which is transferred and processed. It shall allow participants to assess the possible consequences of data sharing and provide transparent information about possible guarantees with regards to the Usage Control described in Section 4.1.6. Therefore, components need to pass the Component Certification described in Section 4.2.4 before they may be used in the IDS. While the certification of organizations and individuals focuses on security and trust, the certification of components additionally refers to compliance with technical requirements ensuring interoperability.
To ensure a consistent process in the certification of participants and core components, the IDS uses a Certification Scheme comprising all processes, rules, and standards governing the certification process. The IDS Certification Scheme follows best practices from other, internationally recognized certification concepts. The utilized processes are introduced in Section 4.2.5.