German Edge Cloud: “IDS-ready” – a milestone on the way to IDS certification

by Bernd Fon­der­mann

Bernd Fon­der­mann is Pro­duct Owner Trus­ted Sup­plier Con­nec­tor at Ger­man Edge Cloud. In his first blog arti­cle, he illus­tra­ted why sharing data across the ent­i­re sup­ply chain is a cru­cial requi­re­ment for doing busi­ness suc­cess­ful­ly. The second arti­cle in our seri­es on Ger­man Edge Cloud deals with how the Trus­ted Sup­plier Con­nec­tor beca­me IDS_ready.

The IDS archi­tec­tu­re allows com­pa­nies to share and exchan­ge data wit­hin a secu­re and trust­worthy vir­tu­al data space, and to unam­bi­guous­ly defi­ne the pur­po­se this data is used for by tho­se enti­t­led to use it. This means that each IDS par­ti­ci­pant deci­des for its­elf who is allo­wed to view its data, who is allo­wed to use it, how it may be used, and what it cos­ts to do so. And this is exact­ly what is achie­ved by ONCITE, Ger­man Edge Cloud’s solu­ti­on ensu­ring data sov­er­eig­n­ty for each par­ti­ci­pa­ting par­ty. ONCITE is a com­pact com­pu­ting cen­ter that is based on edge cloud tech­no­lo­gy. It allows fast, easy and secu­re digi­ta­liz­a­ti­on of busi­ness pro­ces­ses. Ger­man Edge Cloud is one of the first com­pa­nies to launch an “IDS-rea­dy” ser­vice.

The IDS (Inter­na­tio­nal Data Spaces) initia­ti­ve, which ori­gi­na­ted from Fraun­ho­fer, is being led and con­ti­nuous­ly deve­lo­ped fur­ther by IDSA (Inter­na­tio­nal Data Spaces Associ­ation). Ger­man Edge Cloud, a sub­si­dia­ry of Fried­helm Loh Group, is a mem­ber orga­niz­a­ti­on of IDSA.

German Edge Cloud’s IDS Connector

Ger­man Edge Cloud has deve­lo­ped its ver­si­on of an IDS Con­nec­tor as the cen­tral user inter­face moni­to­ring and con­trol­ling any data exchan­ge tran­sac­tion exe­cu­t­ed over ONCITE. The solution’s “Trus­ted Sup­plier Con­nec­tor” (TSC) allows users to request infor­ma­ti­on on the inter­faces and data for­mats spe­ci­fied for an upco­m­ing data exchan­ge tran­sac­tion. After the tran­sac­tion, they can use the “Trus­ted Exe­cu­ti­on Envi­ron­ment” for on-site data eva­lua­ti­on in order to make the data rea­dy for being used by their own or by OEMs’ sys­tems. Using audita­ble, secu­re chan­nels pro­vi­ded by the TSC, the results can then be trans­mit­ted to third par­ties also, such as OEMs or pro­duct manu­fac­tu­rers.

“IDS-ready“ – what does it mean?

“IDS-rea­dy“ is a preli­mi­na­ry sta­ge of IDS cer­ti­fi­ca­ti­on. The IDS cer­ti­fi­ca­ti­on pro­cess is cur­r­ent­ly under deve­lo­p­ment and will be avail­ab­le by the end of the year. IDS cer­ti­fi­ca­ti­on will be based on a set of cri­te­ria (so-cal­led “con­trols“), which altog­e­ther make up a com­pre­hen­si­ve check­list covering dif­fe­rent aspects of the soft­ware to be cer­ti­fied (in the case of Ger­man Edge Cloud: the Trus­ted Sup­plier Con­nec­tor, TSC). To pass IDS cer­ti­fi­ca­ti­on, the soft­ware must meet all cri­te­ria spe­ci­fied. In addi­ti­on, the check­list com­pri­ses cri­te­ria that do not refer to the soft­ware, but to the IT envi­ron­ment the TSC is embed­ded in and the orga­niz­a­ti­ons manu­fac­tu­ring and ope­ra­ting the TSC (this is com­pa­ra­ble with a ISO 27001 or C5 cer­ti­fi­ca­ti­on).

How did German Edge Cloud’s Connector become “IDS-ready”?

For the “IDS-rea­dy” check, the TSC was vali­da­ted against each con­trol spe­ci­fied on the check­list during a num­ber of work­shops con­duc­ted by Fraun­ho­fer FOKUS (Fraun­ho­fer Insti­tu­te For Open Com­mu­ni­ca­ti­on Sys­tems), invol­ving other mem­bers of IDSA as well. The work­shop par­ti­ci­pants inves­ti­ga­ted which cri­te­ria on the check­list were met by Ger­man Edge Cloud’s IDS Con­nec­tor, and which requi­red fur­ther con­si­de­ra­ti­on. In par­al­lel, Ger­man Edge Cloud deve­lo­ped a con­cep­tu­al docu­ment reflec­ting all the requi­re­ments of the exami­na­ti­on pro­cess. At the end of this pro­cess, after all con­trols were found to be ful­ly met by the TSC, a full-blown “IDS-rea­dy” con­cept was avail­ab­le for Ger­man Edge Cloud. Fraun­ho­fer FOKUS then recom­men­ded IDSA to grant Ger­man Edge Cloud’s TSC an “IDS-rea­dy” rating (which is valid for one year).

Benefit for German Edge Cloud‘s customers

With ONCITE and the TSC being “IDS-rea­dy”, Ger­man Edge Cloud grants full data sov­er­eig­n­ty to all its cus­to­mers devo­ted to secu­re and trust­worthy data exchan­ge. IDS cer­ti­fi­ca­ti­on of Ger­man Edge Cloud’s solu­ti­on is now not far away. The IDS eco­sys­tem sup­ports the buil­dup of a Euro­pean data infra­st­ruc­tu­re allowing secu­re digi­ta­liz­a­ti­on across all indus­tries – as pro­mo­ted by Gaia‑X, the Euro­pean digi­ta­liz­a­ti­on pro­ject led by Ger­ma­ny and Fran­ce. Ger­man Edge Cloud is one of the initia­tors of Gaia‑X, which was offi­cial­ly laun­ched last year by Peter Alt­mai­er, Germany’s Minis­ter for Eco­no­mic Affairs and Ener­gy.