search

International-Data-Spaces-Association / IDS-RAM_4_0

Focusing on the generalization of concepts, functionality, and overall processes involved in the creation of a secure 'network of trusted data' , the IDS-RAM resides at a higher abstraction level than common architecture models of concrete software solutions do. The document provides an overview and dedicated architecture specifications.
Creative Commons Attribution 4.0 International
38 stars 27 forks source link

3.1.1 Roles in the IDS: Service Provider needed? #117

Open mokamhuber opened 2 years ago

mokamhuber commented 2 years ago

Today, Sebastian Pretzsch and I discussed about the role of the "service provider" in the roles chapter. To us it sounded like the "service provider" is simply an operator of a connector that can act as "data consumer" AND as "data provider". Since any connector could possibly act as both "data consumer" and "data provider", we discussed removing the role to prevent confusion. In a differentiation between the terminologies, I would personally more associate "service provider" with a company operating "connector as a service" for "data owner" and "data user" instead of having a company operating a "data consumer" or "data provider" themselves. This would lead to having two different scenarios for data transfer to depict:

  1. data owner <-> service provider <-> service provider <-> data user
  2. data provider (company operating connector and offering data on their own) <-> data consumer
SebastianOpriel commented 2 years ago

I totally agree to your opinion. On a logical level you might use as a data owner a hyperscaler for your IaaS and deploy a connector on your own on that infrastructure. If the IaaS provider extends the offering, including a Connector-as-a-Service, and the customer using this server, doesn't change the setting. IMHO

gboege commented 2 years ago

"In a differentiation between the terminologies, I would personally more associate "service provider" with a company operating "connector as a service" for "data owner" and "data user" instead of having a company operating a "data consumer" or "data provider" themselves. This would lead to having two different scenarios for data transfer to depict: data owner <-> service provider <-> service provider <-> data user data provider (company operating connector and offering data on their own) <-> data consumer"

-> I fully support this differentiation.

"Since any connector could possibly act as both "data consumer" and "data provider", we discussed removing the role to prevent confusion."

-> I would keep that role. I would expect it to grow when SME don't want to run own infrastructure. For this case, roles, duties, access roles, responsibilities... have to be managed specifically.