International-Data-Spaces-Association / IDSA-Rulebook

The working repository of the IDSA Rulebook Working Group
Creative Commons Attribution 4.0 International
15 stars 3 forks source link

Describe the concept of the Application Plane in the functional requirements #57

Open ssteinbuss opened 8 months ago

ssteinbuss commented 8 months ago

How data are used after being exchanged and in preparation before being exchanged, an application layer would need to be defined in the functional layer.

PeterKoen-MSFT commented 8 months ago

Thinking through the details I would suggest to not use Application Plane as that again is a very difficult name for that layer.

(Data) Management Plane is a much better name for this layer, as it's already being used in telco/networking/cloud.

Here is how I would see the separation in Dataspaces: Control Plane - Contract offering/negotiation/agreement Data Plane - Executing the Data Sharing Agreement to provide access to data Data Management Plane - Responsible to execute the Enterprise Wide Data Governance/Data Management Systems

To fully execute the promise of Usage Policies in a Dataspace you need all three layers. However, I clearly see the boundary of the Dataspace to the rest of the enterprise between Management Plane and Data Plane.

The control plane negotiates the usage policy, the data plane executes the contract policy and the usage policies that are executable during the data sharing process, but to provide value data needs to travel on into the various enterprise applications, thus it needs to be managed within the enterprise. And this data management plane needs to ensure that the relevant usage policies are honored. E.g. if you specify a usage policy that says "for research purpose only, may not be used for procurement" then it's up to the management plane to ensure that this data is never forwarded to procurement or included in data lakes where procurement data is processed. If there is a usage policy that says that data needs to be deleted after 7 days, it's the data management plane that needs to keep track where within the enterprise the data is being used how and ensure the removal from those upstream applications.

On the other side, before data can be shared the data management plane is responsible for things like classification of data, defining protection worthiness, which usage policies need to be negotiated before it can be shared, but also technical provisioning like packaging the data and making it available to subsystems from which it then can be shared into the dataspace.

ssteinbuss commented 7 months ago

see also #58