The team at the Department of Telematic Systems Engineering, ETSI Telecommunication, Polytechnic University of Madrid, a FIWARE Foundation Associate Member, has published a research paper on the work that they have been doing in the scope of Data Usage Control support with FIWARE.
When introducing the publication, Álvaro Alonso González, PhD, Professor at the Polytechnic University of Madrid and one of the authors of the research paper, said the following:
“We are happy to announce a new achievement with regard to security and data sovereignty in FIWARE. In the work, we have just published we propose a generic architecture for managing Usage Control in data sharing scenarios.
Usage Control goes beyond Access Control allowing data providers to define policies that regulate not only which data consumers can access but also which specific actions they can perform when processing the data. Moreover, in this paper we propose an implementation of such Data Usage Control architecture using FIWARE Generic Enablers and totally integrated with the FIWARE Security ecosystem. Therefore, using the Orion Context Broker and the new versions of Keyrock, Wilma, Draco, and Cosmos we have released you are now able to deploy data sharing infrastructures with support to Data Usage Control. In this paper, you will also find a sample of this kind of deployments and an evaluation of a use case in the food industry. We really hope this new important achievement will contribute to the integration of FIWARE in new data sharing scenarios of fields like Industry or IoT.”
Data Usage and Access Control in Industrial Data Spaces: Implementation Using FIWARE
In recent years, a new business paradigm has emerged which revolves around effectively extracting value from data. In this scope, providing a secure ecosystem for data sharing that ensures data governance and traceability is of paramount importance as it holds the potential to create new applications and services. Protecting data goes beyond restricting who can access what resource (covered by identity and Access Control): it becomes necessary to control how data are treated once accessed, which is known as data Usage Control. Data Usage Control provides a common and trustful security framework to guarantee the compliance with data governance rules and responsible use of organizations’ data by third-party entities, easing and ensuring secure data sharing in ecosystems such as Smart Cities and Industry 4.0. In this article, the authors present an implementation of a previously published architecture for enabling access and Usage Control in data-sharing ecosystems among multiple organizations using the FIWARE European open source platform. Additionally, they validate this implementation through a real use case in the food industry. They conclude that the proposed model, implemented using FIWARE components, provides a flexible and powerful architecture to manage Usage Control in data-sharing ecosystems.
Authors: Andres Munoz-Arcentales, Sonsoles López-Pernas, Alejandro Pozo, Álvaro Alonso, Joaquín Salvachúa and Gabriel Huecas