IDS_ready – A Seal for Secure and Trusted Data Exchange
T-Systems heavily promotes the IDS_ready seal. However, many companies still don’t know what that is. The makers of IDS promise to offer a data space that comes as a trusted entity advocating data security and data sovereignty.
Seven years ago, huge banners could be seen across the halls of Hannover Messe, promoting new, intelligent ‘4.0 components’ making enterprises ‘Industry 4.0 ready’. This year, visitors did not come across such bold value propositions very often, for most people in business have recognized that simply installing a ‘4.0 component’ may not be sufficient to build the factory of the future or digitally transform existing facilities. It has become common sense that – alongside with relevant technical components – efficient business processes, appropriate business models, secure data spaces, and reliable security mechanisms need to be established.
While IDS_ready (IDS = International Data Spaces) from its wording obviously resembles the marketing slogans of the past, industry has learned that there is one major difference: The initiators of IDS do not offer any ‘4.0 components’, but instead provide a data space for secure and trusted data exchange. This is a major step towards creating and establishing new, data-driven business models – not only in industrial manufacturing, but practically across all industries. “IDS_ready is a reliable value proposition to our customers. It helps create competitive edge, as it allows us to implement real data sovereignty in the digital world for the first time ever in Germany. Data sovereignty has become a major topic in industry, both in the B2B and the B2C segment”, Sven Löffler of T-Systems explains. The telecommunications company headquartered in Bonn considers itself an enabler mainly for small and medium-sized enterprises. “Today, many SMEs look for some kind of a central trusted entity. They do not want to deal with the latest encryption technology on a daily basis. So, our job is to provide this trust and security, alongside with a plausible business model.”
Facilitating data traceability and lineage
Sven Löffler and his colleagues are part of the International Data Spaces Association (IDSA). Collaborators in this initiative are Fraunhofer (Europe‘s largest application oriented research organization), a number of large industrial corporations (e.g. Thyssenkrupp, Sick, Bayer, Schaeffler, Volkswagen, or Rittal), and multiple SMEs. The goal of IDSA is one that makes even direct competitors want to join forces: creating secure data spaces, in which companies can establish new, data-driven business models allowing them to exchange data among each other, while data sovereignty is maintained for each data provider across the entire data value chain.
An important area of application of such data spaces is machine learning. The idea is to establish a data marketplace where companies can acquire neutralized machine data in order to create and offer platform independent micro-services in turn. In such a scenario, a machine manufacturer may not have to make its data available if it does not want to; instead, it may simply request and use the data from other companies – provided it fully complies with the data usage policies specified by the respective data provider. What IDS developers conceive of is a secure, trustworthy data marketplace where companies can collaborate without needing to set up complicated contracts.
This sounds interesting to machine builders and providers of 3D printing products and services too, of course. Consequently, Thyssenkrupp and IBM are jointly developing a platform based on the IDS architecture extended by IBM blockchain technology. Combining their approaches, the two companies aim at facilitating data security and data sovereignty in connection with a higher degree of automation in order processing in additive manufacturing (AM) settings. The benefits of the platform are twofold: 1) quicker and easier access to additive manufacturing, especially for SMEs having no experience in this field so far, and 2) improved planning and a verifiable quality level across the entire process chain. And this is how it works: At the beginning of the AM process, a client submits construction drawings (i.e. CAD files) to Thyssenkrupp specifying the components to be manufactured. This data is valuable intellectual property of the respective client. Thanks to the IDS and IBM blockchain technology, data security and data sovereignty is always guaranteed to the client. This way, the platform economy will be raised to a new level in terms of higher security and efficiency.
At the same time, researchers are working on similar solutions. “AMable“ is a research and development project aiming at creating an ecosystem for 3D printing. The goal of the project is to develop and establish a digital marketplace offering services for facilitating additive manufacturing of products from construction to 3D printing to final processing. Members of the AMable ecosystem are AM service providers, user companies (primarily SMEs), and infrastructure providers. The digital marketplace provides a secure infrastructure for AM service providers and AM service requesters to exchange information and, for the latter, to eventually book the services offered. Information exchange takes place on the basis of the IDS architecture, which is supported by blockchain technology. To ensure that no secret construction data ends up in the hands of a competitor, each company making available such data can specify a data usage policy, adherence to which is ensured by the secure and trustworthy data space. In addition, data traceability and lineage features are offered.
Building upon ISO 27001
Many companies still shy away from sharing data. “Participants of the IDS can decide for themselves who sees their data, who is allowed to use it, how it is used or what it costs” summarizes Gerd Brost of Fraunhofer AISEC. Certification for companies and the component, for example the IDS connectors, gives security to the users in the IDS ecosystem. “We are on the eve of a large-scale rollout of the ‘IDS_ready’ certifications. The IDS_ready label invites companies to gain their first experience with IDS and prepares for the actual certification. There is a hidden uncertainty in industry about data and data sovereignty, and we counter both these fears with IDS.”, says Gerd Brost.
IDS_ready certificates will be issued by TÜV Süd (a leading certification body in Germany) and professional services provider PricewaterhouseCoopers for a duration of one year.
While these two certification authorities will be evaluating IDS conformity of the organization seeking certification, experts from Fraunhofer will be checking whether the respective organization is entitled to participate from the point of view of the technical components it uses. Companies already certified against ISO 27001 or a comparable standard can build upon this certification when applying for IDS_ready, which will accelerate the process. “Regarding certification of the organization itself, we look at the company’s documentation, its processes, and its basic IT security mechanisms in place. As for the technical components, one of three security levels may apply: ‘Basis’ with standard internet security, ‘Trust’ with non-cloneable identities and remote attestation, or ‘Trust+’ for connectors that are protected from manipulation by malicious admins”, as Gerd Brost explains. Apart from the manufacturing industry, other industries will benefit from IDS_ready as well. In the medical industry, for example, exchanging highly sensitive patient data, also across national borders, will be facilitated by the high security level of the IDS.
B2C markets are becoming increasingly aware of the solution as well, as it will allow consumers to regain sovereignty over their personal data. For example, it often happens that when people are traveling, several apps have access to their data without them knowing. At the same time, some kind of integrated mobility platform (on which local public transport services, airlines and car sharing service providers collaborate to bill the traveler according to their respective share of services provided) is missing. “Such a platform will be accepted by consumers only if data privacy, data security, and data sovereignty are guaranteed. Therefore, IDS is so important to us”, as Sven Löffler of T-Systems emphasizes.
For more information on how to apply for IDS_ready: https://www.internationaldataspaces.org/the-principles/#certification