Why read this ?
Date: 19 March 2025
Expertises:
Data Science ⊕
Domaine: Software industry ⊕
About project: WAL’PROT ⊕
Data is a crucial asset in the digital economy, but its true value emerges when it can be securely shared and reused to generate insights. Interoperability plays a key role in enabling seamless data exchange between systems and organizations. Data spaces offer a new architectural approach to fostering trust and defining access policies. They provide secure mechanisms for data sharing while maintaining control and protection for all stakeholders. As organizations seek to break down data silos, dataspaces present a vital solution for trusted and efficient collaboration.
A data space is a decentralized digital ecosystem designed to facilitate secure, transparent, and sovereign data exchange between participants while adhering to a common governance framework. It is not a centralized data platform but rather an infrastructure where data remains with its provider, and only metadata or algorithms are shared. Data spaces enable standardized, high-quality, and efficient sharing of both open and sensitive data across industries and sectors, supporting compliance with data sovereignty and privacy requirements. They aim to democratize access to data and ensure scalability and interoperability.
The International Data Spaces (IDS) architecture relies on Connectors as secure interfaces between participants. These Connectors operate on two functional levels:
In addition to Connectors, key IDS components include the Identity Provider for authentication, the Metadata Broker for catalog management, the Clearing House for transaction logging, and the App Store for extended data services. Figure 1 illustrates the interactions among these components.
a. Use case description : WAL’PROT data space
WAL’PROT project aims to address the growing demand for plant-based and alternative proteins for human consumption in Europe. Several partners are involved in these efforts, including research centers and university laboratories working in close collaboration. This necessitates a data-sharing solution that guarantees each partner’s sovereignty and ownership over their data.
As part of the WAL’PROT project, at CETIC, we focus on exploring initiatives for implementing data spaces, such as IDS, Eclipse Dataspace Components (EDC), and Gaia-X. Our work includes investigating existing technologies for data space realization and assessing their benefits for the project’s use case.
b. Data space set-up
Following our comparison of the implementations developing data space connectors, with a focus on their technical aspects to evaluate maturity and readiness, we examined solutions such as the TRUsted Engineering (TRUE) Connector and the Eclipse Dataspace Connector (EDC).
Based on our comparative analysis, EDC provides the most mature set of components. According to the EDC project, its framework is aligned with the Gaia-X Trust Framework and the IDSA Dataspace Protocol. It serves as a toolkit, a collection of extensions that developers can leverage to accelerate the implementation of data space components.
As part of our investigations, we identified Sovity (an EDC-based Connector and it is used to build mobility data space), it extends the EDC framework by developing additional components and integrating them into a ready-to-use connector distribution. We have selected the Sovity Community Edition EDC, which is available as a Docker image, to build the data space (figure 2).
c. Use case walktrough
To illustrate how data can be offered and consumed within a data space, we provide a step-by-step walkthrough using Sovity’s dedicated user interface, which enables users to efficiently manage and interact with the connector.
i. Offering data
The process of offering data in a Data Space consists of two key steps: data asset creation, and contract definition (figure 2).
Create data asset : the participant representing the data provider can use the connector’s UI to navigate to the “Assets” page and define a new data asset. This involves providing metadata such as the name, version, description, and keywords, as well as technical details about the data source (API endpoint from which the connector can retrieve the data). Once completed, the data asset is saved.
Define the contact and publish the offer : next, the provider creates a contract definition on the “Contract Definitions” page. When defining the contract, the provider must specify both the Access Policy and the Contract Terms. Once the contract definition is created, it is published as an offer in the connector catalog, making it discoverable to other Data Space participants based on the assigned access policy.
ii. Consuming data
The process of consuming data in the Data Space consists of three key steps: data offer discovery, contract negotiation, and data transfer. Below, we detail each of these steps (figure 4).
Discover data offer : the consumer can navigate to the “Catalog Browser” page within his connector UI. This page lists the data offers published in the catalogs of other participants’ connectors within the Data Space. The employee will find the contract definition for data offers. By clicking on this entry, they can view more details about the offer, such as the asset metadata and attached policies.
Negotiate contract : after discovering the offer, the consumer can initiate contract negotiation by clicking a button in the detailed view of the offer in their connector’s UI. This action sends a negotiation request to the provider’s connector, initiating an automatic contract negotiation without the need for human interaction. Once the negotiation is successfully completed and an agreement is reached, a binding contract is created and stored, the consumer can access it on the “Contracts” page of the connector UI and click on the entry to view further details.
Transfer data : the consumer can request the data transfer. This is done by clicking a button in the contract’s detailed view in their connector UI. The consumer is prompted to provide details about the data sink, including the endpoint parameters. Once these details are provided, the employee clicks a button to initiate the transfer.
The establishment of data spaces enables secure and sovereign data exchange among multiple stakeholders. To standardize and advance this concept, the Data Space Business Alliance (DSBA) brings together key organizations, including BDVA, FIWARE Foundation, Gaia-X, and IDSA, to develop a common technical framework. A notable upcoming implementation supporting this vision is Simpl middleware, which aims to streamline cloud-to-edge federations and enhance major European data initiatives.