Fundamentals
One key part of the Framework is its description of functional roles, which represent the various ways organisations can interact within a data space. These roles, including the framework’s rules and specifications, are designed to meet the fundamental needs of different data spaces, which ensures a federation of all aspects. This ensures that all roles are defined and can be executed by multiple parties, preventing any single point of “failure” or “power” in the structure.
iSHARE Role Definitions
The Trust Framework introduces two main types of fundamental roles: “Adhering Roles” and “Certified Roles”.
Adhering Roles
These roles directly interact with data and follow the "Accession Agreement for Adhering Roles". They include:
- Data Owner/Holder or, Entitled party: Organisations with rights to access specific services or data
- Service or Data Provider: Organisations offering services for consumption
- Service or Data Consumer: Organisations using services provided by service providers
Certified Roles
These roles directly interact with data and follow the "Accession Agreement for Certified Roles". They include:
- Identity Provider: Organisations offering identification services for people
- Identity Broker: Organisations acting as intermediaries between Service Providers and Identity Providers
- Authorization Registry: Organisations providing authorization registry services
- Participant Registry: The Participant Registry ensures smooth membership management and is responsible for participant admission into the iSHARE network
Non data sharing roles
Some roles, although not directly involved in data sharing, are crucial to the data space.
- Scheme owner: The iSHARE Foundation serves as the Scheme owner. It is responsible for maintaining the Trust Framework and admitting the Data Space Governance Body into the network.
- Data Space Governance Body: An organisation that facilitates the admission of new participants, governs the data space and assesses the adherence of different roles to the data space agreement. Participant Registry role can be performed by the Data Space Governance Body
- Participant Administrator: The Participant Administrator is an optional role delegated by the Data Space Governance Body that validates and checks for compliance, determining if a party can be admitted to the data space/iSHARE network (and whether this is as an Adhering or Certified Party).
Roles within the framework ensure that a single legal entity can perform multiple functions, while the interface specification always promotes possible federation. For example, creating a seamless integration of roles. Despite this, all APIs to the Data Provider and the Authorization Registry are similarly exposed.