International-Data-Spaces-Association / InformationModel

The Information Model of the International Data Spaces implements the IDS reference architecture as an extensible, machine readable and technology independent data model.
Apache License 2.0

Broker: Query data / limit access #471

Closed MoritzKeppler closed 2 years ago

MoritzKeppler commented 3 years ago

Querying a broker means querying anything in the whole ConnectorCatalog including all ResourceCatalogs etc. Right? How can a Connector provide information about its resources in a way that just some other connectors/participants are allowed to read? E.g. a contract offer special to one participant.

Moritz Keppler moritz.keppler@daimler.com, Daimler TSS GmbH, legal info/Impressum

clange commented 3 years ago

I think that so far this has not been specified. Let's involve @sebbader, our expert for both the Broker and contracts. In any case, it is possible to operate multiple Brokers in a data space. Think of DNS servers on the Internet. Here is a related requirement from the Metadata Broker specification:

B 007 (B10) A Connector operator may independently define which (meta-)data partitions of its Connector is sent to one or multiple IDS Meta Data Brokers.

Starting from this point, we might specify how exactly to achieve what you intend.

BTW @sebbader could you please clarify what the numbers like "(B10)" refer to?

sebbader commented 2 years ago

Hello @MoritzKeppler, @clange,

the B10 stands for the number of the requirement in the previous version of the Metadata Broker Specification. Nothing critical therefore.

@MoritzKeppler, we have actually thought about this already. Our current idea is to use contracts that have the Metadata Broker's URI at the ids:assignee attribute, and that this rule (either ids:Permission or ids:Prohibition) mandates the Metadata Broker whom to show the resources (using idsc:DISTRIBUTE with an ids:Constraint). For now however, no Metadata Broker has any enforcement module yet, so this is still a purely theoretical idea.

Nevertheless, would you think the use case could be solved in such a manner?
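
The contract-based filtering described in the comment above could be enforced on the broker side roughly as follows. This is an added sketch, not code from the thread or from any IDS project: the plain-dict rule layout, the `participants` constraint field, the fail-closed handling of unconstrained rules and all URIs are assumptions made for illustration.

```python
# Added illustration. Names prefixed ids:/idsc: are the Information Model terms
# mentioned in the thread; the dict layout and "participants" are hypothetical.
BROKER = "https://broker.example/"        # constructed URIs
P1 = "https://participant-1.example/"
P2 = "https://participant-2.example/"

def rule(kind, target, participants=None, assignee=BROKER, action="idsc:DISTRIBUTE"):
    """Build one simplified rule; participants=None means no constraint."""
    constraint = None if participants is None else {"participants": set(participants)}
    return {"@type": kind, "ids:target": target, "ids:assignee": assignee,
            "ids:action": action, "ids:constraint": constraint}

def _covers(r, requester):
    """Does the rule's constraint name this requester?"""
    if r["ids:constraint"] is None:
        # Fail closed: an unconstrained prohibition hides from everyone,
        # an unconstrained permission reveals to no one.
        return r["@type"] == "ids:Prohibition"
    return requester in r["ids:constraint"]["participants"]

def visible_resources(rules, broker_uri, requester):
    """Resource URIs this broker may show to `requester` (default deny)."""
    permitted, prohibited = set(), set()
    for r in rules:
        # Only rules assigned to this broker that govern distribution count.
        if r["ids:assignee"] != broker_uri or r["ids:action"] != "idsc:DISTRIBUTE":
            continue
        if not _covers(r, requester):
            continue
        if r["@type"] == "ids:Prohibition":
            prohibited.add(r["ids:target"])
        elif r["@type"] == "ids:Permission":
            permitted.add(r["ids:target"])
    # A prohibition always wins over a permission on the same resource.
    return permitted - prohibited

RULES = [  # constructed sample contracts
    rule("ids:Permission", "urn:res:private-offer", {P1}),
    rule("ids:Permission", "urn:res:shared", {P1, P2}),
    rule("ids:Prohibition", "urn:res:shared", {P2}),
    rule("ids:Permission", "urn:res:other-broker", {P1},
         assignee="https://other-broker.example/"),
    rule("ids:Permission", "urn:res:use-only", {P1}, action="idsc:USE"),
    rule("ids:Permission", "urn:res:unconstrained"),
]

if __name__ == "__main__":
    for who in (P1, P2, "https://unknown.example/"):
        print(who, sorted(visible_resources(RULES, BROKER, who)))
```

The requester URI passed in must come from the broker's authenticated view of the querying connector, not from a value the query itself supplies.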

MoritzKeppler commented 2 years ago

Guess it can work in that way, yes. It's a contract allowing a broker to present a resource + contract offers to specific participants. But quite hard to foresee if this is really needed, feels like a solution that comes with some complexity...

A broker sharing a catalog feels like a good solution if it's about public data, e.g. for creating a common marketplace. If a connector has to keep an offer private it will be easier to share the details directly with the designated consumer. In that case it would be sufficient to have something like an address book of connectors, similar to a distributed identifier registry, without any data offers.