Integrating IAM Building Blocks into a Dataspace
Transformative Technology: Future Software Technologies
Semester programme: Infrastructure & Cloud
Research group: Future Software
Project group members: Kevin Guzman Peréz
Sam de Jong
Wessel Kastelijn
Tristan Stakenborg
Timo van der Steen
Project description
Main question: In what way can the recommended technologies (VC, DID, and ODRL) contribute to secure and user-friendly access to a dataspace segment?
We researched these technologies and worked on implementing them.
Context
Project based on the European dataspace project
https://www.ds4sscc.eu/
Results
The research confirms that it is possible to combine these three technologies to create a secure and flexible data sharing system that moves away from traditional, centralized login systems.
The integration works by giving each technology a specific role:
- Identity (Who are you?): DIDs and Verifiable Credentials (VC) allow users to prove who they are using a digital wallet, without needing a central password database.
- Permission (What can you do?): ODRL is used to write clear rules about who is allowed to see the data.
- Enforcement (The Bridge): To make these work together technically, we worked on a system where the verified identity is translated into a JWT token. An API gateway then checks this token against the ODRL rules to grant or deny access in real time.
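
The enforcement step described above, as an added example that is not the project's own code: a gateway check that verifies a JWT and evaluates its claims against an ODRL permission, denying by default. The HS256 shared key, the `role` claim used as an ODRL `leftOperand`, the `example.org` identifiers and all function names are assumptions made for illustration.

```python
import base64, hashlib, hmac, json, time

KEY = b"constructed-demo-key"  # assumption: secret shared by VC verifier and gateway

# Constructed ODRL policy; the "role" leftOperand is a hypothetical profile term.
POLICY = {
    "@context": "http://www.w3.org/ns/odrl.jsonld", "@type": "Set",
    "uid": "https://example.org/policy/1",
    "permission": [{
        "target": "https://example.org/data/air-quality",
        "action": "read",
        "constraint": [{"leftOperand": "role", "operator": "eq",
                        "rightOperand": "city-analyst"}],
    }],
}

def _b64(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=")
def _unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def issue_token(claims):
    """Stand-in for the step that turns a verified VC into a JWT (HS256)."""
    head = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64(json.dumps(claims).encode())
    sig = _b64(hmac.new(KEY, head + b"." + body, hashlib.sha256).digest())
    return b".".join([head, body, sig]).decode()

def verified_claims(token):
    """Return the claims only if header, signature and expiry all check out."""
    try:
        head, body, sig = token.split(".")
        good = hmac.new(KEY, f"{head}.{body}".encode(), hashlib.sha256).digest()
        if (json.loads(_unb64(head)).get("alg") != "HS256"  # rejects alg=none
                or not hmac.compare_digest(_unb64(sig), good)):
            return None
        claims = json.loads(_unb64(body))
        return claims if claims.get("exp", 0) > time.time() else None
    except (ValueError, AttributeError, TypeError):
        return None

def gateway_allows(token, target, action):
    """Default deny: allow only when an ODRL permission matches the claims."""
    claims = verified_claims(token)
    return claims is not None and any(
        p["target"] == target and p["action"] == action and all(
            c["operator"] == "eq" and claims.get(c["leftOperand"]) == c["rightOperand"]
            for c in p.get("constraint", []))
        for p in POLICY["permission"])
```

A constraint operator other than `eq` never matches in this sketch, so an unsupported rule fails closed instead of granting access.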