How to avoid DATA COPY after the consumer received data?

[AndyZ-2021]

Hi team,

I've watched the demo from the following video:
Technical elements for data ecosystems – connectors and metadata brokers

It shows that we can request data through connector API and the data usage will be restricted by policies.

However, if we copy the response data of that API and save it locally, the data will be used out of control, may I know how can IDS ensure the data can not be copied by data consumer?

I'm wondering if there are some restrictions on usage scenarios of IDS? Eg. we cannot copy data out of connectors - all the data process/analyze should be finished inside connector by data apps, or maybe data copy will be prohibited by some "paper contract" outside of the IT system.

Thanks,
Andy.

[HeinrichPet]

Hi,

These questions capture the essence of IDS ;)
I try to summarize the documents and will also link them.
If you want more details feel free to read documents here: Most important IDS documents

1. In IDS, we are trying to move from the typical organizational and legal contracts, with which current data transfers are secured, to technically readable and implementable conditions. So, you as a consumer have to accept the usage policies, like other contracts. If you do not follow them, the provider will not do business with you or IDS will ban you from the IDS. For sure, only when it is noticed by anyone, but that's the same for the state of the art legal contracts.
   
   Figure 1: "Technical Enforcement vs. Organizational Rules" from Usage Control in the IDS v3.0 page 24
   See also the Rule Book.
2. However, IDS go a step further and enable policy enforcement inside the IDS Connector (not ouside). Thereby the naming is a bit difficult, so according to the reference architecture the Dataspace Connector is a part of the whole IDS Connector. An IDS Connector also includes the deployment of the Dataspace Connector itself, as well as the IDS Apps, and even the hardware. Accordingly, the usage policies will not only be implemented in the Dataspace Connector itself, but also in the Camel (as a message router between the IDS apps) and in the IDS apps. Various usage control frameworks are used for this purpose. See Usage Control in the IDS v3.0 page 60 and following.
3. The IDS Connector is secured by certification criteria and a certification process to follow the principles of IDS on an organizational and technical level. See IDS Certification Explained
4. To ensure that a provider/consumer do still have a valid and certified Software Stack, we will use Remote Attestation.

I hope that answers your question.
But you are right, there is still some tasks to do, to fulfill all four concepts.

• We will in the next month working on integrating IDS Apps, to enable business logic and therefore also usage control into the Connector: Milestone.
• Because the IDSA certification is not live, the DSC is IDS ready reviewed (not certified) to follow the IDS certification.
• The remote Attestation will be available in the next weeks, when IDSCP is integrated Pull Request 420.

[AndyZ-2021]

Hi @HeinrichPet

Thanks for your patient explanation. I'm trying to understand what IDS is and the applicable scenarios.

From my understanding, it seems that IDS is trying to build a TRUSTWORTHY data exchange world, all the data operation should be finished in IDS Connector with all APPs under usage control, so that all the participants in this world will & have to follow the rule.

Before this world is fully built up, it will be working in a "weak" mode, which means we cannot protect the data from malicious attackers by now.

If so, the whole system will highly depends on the ecosystem of Connector APPs, which should cover most of the data operations (eg. ETL\query\analyze\dashboard...).

And move data/result out of the IDS Connector should need much deeper data protection technologies, such as TEE (Trusted Execution Environment) and Privacy Computing.

All the above are my personal rough understandings, please correct me if I’m wrong.

Thanks,
Andy.

[HeinrichPet]

Hi @AndyZ-2021

everything you say is right.

However this is an effort that must be done against internal attackers / malicious companies as consumers.
Against external attackers, we are already using Access Management, HTTPs communication, signatures, etc.

Best regards,
Heinrich

[AndyZ-2021]

Yeah, I get it. Thanks @HeinrichPet.

I see there are many effective features in IDS RAM to prevent external attack. That's why I'm curious how IDS tries to protect data from malicious consumers.

To make sure I understand them clearly, here are three questions:

1. Is IDS designed to prevent data consumption out of the IDS Connector scope, so that all of the data will be consumed under usage control?
2. Does IDS allow consumers to copy data out of IDS Connector, and restrict the data usage by legal contract/some assessment?
3. Has privacy calculation already been put on the roadmap of IDS?

BR,
Andy