European Data Spaces

Project description

Main research question:

Which technical and organizational components are required to establish a secure and compatible way of exchanging data in a data space?

Sub-research questions:

Which components are present in a data space, and what function do they serve?

How is data shared within a dataspace using a dataspace connector?

What policies can be applied to ensure that data is securely shared in the dataspace?

Context

Problem description

Currently, there are technical and legal barriers to data sharing. The EU is encouraging member states to make as much public information available as possible, but not all data can be made available under an open data license and or open data portal. This problem could be solved by letting each EU Member State be in control of their own data and who has access to it; data spaces.

Project goal

The team’s goal is to find out how the different data space components (UTDR, APS) work, the standards that can be used (XACML, Verifiable Credentials) and how they can be combined to establish a working data space concept.

The client’s primary goal is to get a better understanding of the abstract requirements needed for data space.

The ideal outcome of this project is to provide working, secure, and efficient proof of concept implementation of the Inzicht Verlicht case in data spaces.

Results

The project focused on getting an understanding of the different components that are present inside a data space and how those contribute to a secure and functional data exchange inside a data space. The main research question that we defined for this project (“Which technical and organizational components are required to establish a secure and compatible way of exchanging data in a data space?”) reflects this focus.

When looking at the three sub research questions, we can give an indication of the extent of our research and the results that were achieved. Sub research question one delved into the components that are present inside a data space and how those function. We answered this with the research results that were documented, the diagram that was made, and our implementation of the data space connector.

Sub research question two was about finding out how data is shared inside a data space using a data space connector. This was done by initially looking at multiple different data space connectors, finding out how the data sharing is done, and then documenting that process in a clear way. We also attempted to showcase a working proof of concept implementation of a data space connector, but were not able to get it fully working.

Sub research question three was about the policies that could be enforced/applied to ensure that the data is securely shared inside a data space. This was partially done; we did research into what policies were inside a data space and how they could be applied to allow for a secure data exchange. We have also implemented Keycloak and the policies based on our use cases, though due time constraints were not fully implemented and tested.

We have answered most of the sub-review questions that we defined during the latter half of the project, and we can say that we answered the main research question regarding the technical components. Due to our focus on the technical components, we neglect the organizational components. We did research into the data participant, data provider, data consumers, and how organizations would interact with the data space, but that was the extent of our research.

About the project group

A short introduction for each team member can be found below:

Istvan Kleizer

My strengths are, I’m versatile, adaptive, and an active listener.

My skills include network/system/web pentesting, digital forensics, object-oriented programming, network and system administration. Other than that, I have basic knowledge about honey potting, server and system monitoring. Lastly, I have some knowledge about IT law, GDPR, and ISO/IEC 270001:2022.

Nathaniel Hart

I have been in IT for around 9 years with a focus on IT infrastructure design, deployment, hardening, monitoring and automation. I have experience in building and securing infrastructure's both in the cloud (GCP) and on-premises, while making us of Infrastructure as Code tools such as Ansible and Terraform. My strengths also lie in those aspects, though I have experience in honeypot setup and forensic, pen testing networks, and social engineering.

I am a relatively quiet person but will give my opinion and input where applicable while also participating in feedback and discussions about the ongoing tasks, issues, and performance.

Alexander Pupák

I’ve been interested in IT since a young age. I started in high school with Python and web development and continued within Fontys with infrastructure and cybersecurity. I like researching new approaches for practical projects. I have good experience with network setup and strengthening, automation, and beginner skills in red team topics.

Alex Hall

I have experience with IT from high school and my previous education, Architecture at TU/E. I have also gained experience in web development, software engineering and pen testing so far in my studies at Fontys. I am flexible in my work (hours), like to develop new skills and like to be challenged.