search

International-Data-Spaces-Association / IDS-RAM_4_0

Focusing on the generalization of concepts, functionality, and overall processes involved in the creation of a secure 'network of trusted data' , the IDS-RAM resides at a higher abstraction level than common architecture models of concrete software solutions do. The document provides an overview and dedicated architecture specifications.
Creative Commons Attribution 4.0 International
46 stars 26 forks source link

Clarify the term Self description in the RAM #230

Open ssteinbuss opened 1 year ago

ssteinbuss commented 1 year ago

Rationale

The term self-description is not completely clarified and mixed up with the related term in Gaia-X. Here, a self-description is a verified credential, while in IDS the self-description is a data catalog published by a connector. The term self-description in IDS and in the RAM should be reviewed and the RAM might require an update afterward.

owner and point of contact

Description

Let us start to find a common definition o Self Description first and continue with the update of the document after.

Issues

clange commented 1 year ago

The Gaia-X definition of Self-Description is here: https://gaia-x.gitlab.io/technical-committee/architecture-document/self-description/. I think it would make sense to adopt something similarly general for IDS as well, like this:

Self-Descriptions describe entities such as Participants, Resources, or Components. They contain assertions about entities expressed in the RDF data model, typically serialized in the JSON-LD format.

I simply skipped over Verifiable Presentations / Verifiable Credentials. Gaia-X says that a Self-Description is a Verifiable Presentation, containing Verifiable Credentials, which finally contain the "assertions" mentioned above. Without signatures, these assertions are mere claims.

IDS has different mechanisms of establishing trust. IDS is, to my understanding, open towards Verifiable Presentations / Verifiable Credentials. However the above phrasing does not exclude that some of the assertions are confirmed by trusted third parties.

PeterKoen-MSFT commented 1 year ago

Self-Descriptions make sense at the level of a Dataspace Authority, Participant and Services (e.g. Dataspace Connector offered by a participant). It does not make sense at the level of individual components (unless they are exposed as independent services) or Data Assets (just the Asset Metadata is sufficient, and the Gaia-X style of self-descriptions would be too complicated and inefficient at that level).

It needs to be discussed how SDs are to be queried/exchanged in a dataspace as that is currently not well defined in Gaia-X.

Also there will be dataspaces that do not rely on Gaia-X. Therefore, a full specification of Self-Descriptions and a Self-Description Verification Protocol needs to be defined in IDSA as well to support non-Gaia-X-Dataspaces.

My suggestion is to align with Gaia-X on the semantic model for SDs, so that we can support the same core semantic model in IDSA based dataspaces, but at the same time publish an IDSA model that is to be considered as normative for IDSA certified dataspaces.

PeterKoen-MSFT commented 1 year ago

@mspiekermann can you provide your view as well? Thanks!

ssteinbuss commented 1 year ago

As discussed today, please review section 3.1.2.1 Attributes & self-descriptions in the pre relase of the Rulebook v2

In case you cannot access this version, please check the attached pdf dump, which is out of sync: 2023-02-13-IDSA-Rulebook-V2-post-copy-edit_dump.pdf

The description of a data catalog and data asset should also be documented. We have a current understanding of this also in the Dataspace Protocol Specification to be considered:

In the next meeting: