The importance of policies, digital signatures and trust frameworks

A Data Space requires a set of policies that define the level of trust necessary to ensure that all participants meet the membership criteria. A digital signature mechanism can be used to verify membership and compliance with policies and rules. Additional trust frameworks can also be used to enhance compliance and signing mechanisms. A binding information model and Data Space Self-Description (DSSD) is required to ensure a common understanding of what the policies mean, how they are applied, and what a valid attribute response must look like.

The effectiveness of policies in the Data Space

Policies are effective at different levels of the Data Space. The membership level ensures that only participants who have reviewed and accepted the Data Space policies are included. The catalog ensures that only participants with the appropriate access rights see the objects in the catalog. During the negotiation process for a data contract, the policies of that contract are applied, some of which may already be fully evaluated and some of which may be evaluated later during or after data transfer.

Identity and common understanding

A Data Space needs an identity to be considered trustworthy to participants and external roots of trust. The DSSD and the authoritative information model for the Data Space are important elements for a clear understanding of the context and risk factors of the Data Space. It is important to have a common understanding of policies and their meanings, as the same expressions may have different meanings in different Data Spaces. Acceptance of trust roots can be encoded by the Data Space’s membership policies in the DSSD.