Eclipse Dataspace Connector: Trusted Data Sharing With Sovereignty
Today, almost every organization needs to share data with other organizations in a transparent and interoperable way while adhering to corporate policies and data sovereignty regulations. With the Eclipse Dataspace Connector technology, they can meet these requirements.
The Eclipse Dataspace Connector project provides an interoperable, cross-organization framework for data sharing that allows each organization to control how its shared data is used. It links data providers, data users, and intermediaries from any organization to virtual data spaces and provides the endpoint for data sharing.
Closely Aligned With European Data Space Initiatives
A virtual data space is decentralized infrastructure that defines how different technology components interact to enable trusted and compliant data exchanges. The connector is the technology component that allows each organization involved in the exchange to define how digital processes, infrastructures, and data flows are structured, built, and managed to ensure adherence to corporate policies and data sovereignty regulations.
The Catena-X Automotive Alliance, an ecosystem of European automotive manufacturers and suppliers, dealer associations, and equipment suppliers, were pioneers in building data spaces, and one of the drivers behind the initiative to host the Dataspace Connector project at the Eclipse Foundation.
The first release of the Eclipse Dataspace Connector will implement the International Data Spaces (IDS) data space model and architecture (Figure 1). The connector will be able to communicate with the other components, the essential services of a data space, such as an identity provider, data broker, or clearinghouse, as shown in the model.
Figure 1: IDS Data Space Model
Once the Dataspace Connector is implemented at each organization, all parties can exchange information in a way that’s safe, easy, and compliant with the data space’s rulebook to collaboratively drive innovation, create new services, and support new business models.
Applicable to Every Organization That Shares Data
The Eclipse Dataspace Connector technology can be applied in any situation where two or more organizations need to share data in a trusted and compliant way.
In a manufacturing setting, consider a situation where a manufacturer needs repairs made to one of its production robots. The manufacturer and the robot repair agency can use the Eclipse Dataspace Connector technology to exchange the relevant information without disclosing sensitive data (Figure 2).
Figure 2: Manufacturing Use Case for the Dataspace Connector
The documents that are shared between the organizations can have usage conditions and policies attached to them. For example, if a spreadsheet is shared, usage conditions and policies could define:
- Who can access the spreadsheet
- How many times the spreadsheet can be accessed
- The time period during which the spreadsheet can be accessed
Usage conditions can also mandate that the data can only be accessed in a way that complies with data sovereignty regulations such as the European General Data Protection Regulation (GDPR). These types of conditions are particularly important in industries such as healthcare and finance where it’s often necessary to share personal information.
In a road safety scenario, the Dataspace Connector technology enables trusted communications between the motorway operator and the original equipment manufacturer (Figure 3).
Figure 3: Road Safety Use Case for the Dataspace Connector
A Brief Look at the Technology
To enable the data exchanges illustrated in Figures 2 and 3, the Eclipse Dataspace Connector framework provides modules for performing data queries, data exchanges, policy enforcement, monitoring, and auditing. The asynchronous and highly available system includes separate control and data planes, and functions as a coordinator with data cataloguing handled by an external system, such as Apache Atlas.
Data transfer processes are fully auditable, and there is no centralized database for data storage to eliminate single points of failure. In addition, the policy engine will be cloud-aware, which means it’s not limited to the connector and can be embedded in other processes.
From a security perspective, all sensitive data is stored in a pluggable vault with strict use of temporary credentials and restricted access rights for data transfers. Configuration changes can be controlled and recorded.
The Road Ahead
After the initial release of the Dataspace Connector, we’ll look to add an infrastructure layer based on Gaia-X specifications so the connector framework complies with both European initiatives:
- The IDS model is the blueprint for data exchanged based on European values, such as data protection and security, equal opportunities through federated design, and the guarantee of data sovereignty for the creator of data and trust between participants.
- Gaia-X is a European project that brings together representatives from business, politics, and science from Europe and around the globe to create a federated and secure data infrastructure.
Longer term, the goal is to provide a connector that can be extended and reused with different protocols and approaches to connecting data to data spaces on the front end and the back end. With this flexibility, organizations can connect to back-end data sources, such as databases, data catalogs, and API gateways. And they can participate in multiple data spaces at the same time.
The ability to reuse the Dataspace Connector in different contexts and with different protocols is possible because the connector architecture is based on the Java Service Provider Interface (SPI). The Connector’s potential for reuse was proven at a Gaia-X hackathon in late August 2021 when a team of developers successfully created extensions for two different types of authentication mechanisms: One using a central service, and one using self-sovereign identity (SSI) technology.
Join an Active Community of Industry Leaders
The Eclipse Dataspace Connector project was initiated by some of the world’s most recognized names across industry, technology, and research, including:
- Amazon Web Services
- Daimler TSS
- Deutsche Telekom
- Fraunhofer Gesellschaft
- ZF Friedrichshafen
It’s also supported by Gaia-X and the International Data Spaces Association (IDSA).
Learn More at EclipseCon
To learn more about data spaces and the Eclipse Dataspace Connector project, attend Markus Spiekermann’s presentation at EclipseCon 2021.
Eclipse Dataspace Connector: How to Build Data Spaces
Thursday, October 28
You can also explore the following resources:
- Eclipse Dataspace Connector website
- YouTube channel
- GitHub repository, which includes discussions and issue tracking
About the Author
Markus Spiekermann is head of the Data Economy department at the Fraunhofer Institute for Software and Systems Engineering ISST in Dortmund. He is also project lead for the Eclipse Dataspace Connector project, and is heavily involved in initiatives for building data spaces, including the IDSA and Gaia-X.
More from this Edition
The EclipseSource team summarizes the latest technology initiatives and advances in the vibrant and rapidly growing Eclipse Cloud DevTools community.
Daniel Krippner explores the software-driven revolutions and industry trends that have led to the need for a new initiative focused on software-defined vehicles.