IDS_ready – A Seal for Secure and Trusted Data Exchange

T‑Systems hea­vi­ly pro­mo­tes the IDS_ready seal. Howe­ver, many com­pa­nies still don’t know what that is. The makers of IDS pro­mi­se to offer a data space that comes as a trus­ted enti­ty advo­ca­ting data secu­ri­ty and data sov­er­eig­n­ty.

Seven years ago, huge ban­ners could be seen across the halls of Han­no­ver Mes­se, pro­mo­ting new, intel­li­gent ‘4.0 com­pon­ents’ making enter­pri­ses ‘Indus­try 4.0 rea­dy’. This year, visi­tors did not come across such bold value pro­po­si­ti­ons very often, for most peop­le in busi­ness have reco­gni­zed that sim­ply instal­ling a ‘4.0 com­po­nent’ may not be suf­fi­ci­ent to build the fac­to­ry of the future or digi­tal­ly trans­form exis­ting faci­li­ties. It has beco­me com­mon sen­se that – along­side with rele­vant tech­ni­cal com­pon­ents – effi­ci­ent busi­ness pro­ces­ses, appro­pria­te busi­ness models, secu­re data spaces, and reli­able secu­ri­ty mecha­nisms need to be estab­lis­hed.

While IDS_ready (IDS = Inter­na­tio­nal Data Spaces) from its wor­d­ing obvious­ly resem­bles the mar­ke­ting slo­gans of the past, indus­try has lear­ned that the­re is one major dif­fe­rence: The initia­tors of IDS do not offer any ‘4.0 com­pon­ents’, but ins­tead pro­vi­de a data space for secu­re and trus­ted data exchan­ge. This is a major step towards crea­ting and estab­li­shing new, data-dri­ven busi­ness models – not only in indus­tri­al manu­fac­tu­ring, but prac­ti­cal­ly across all indus­tries. “IDS_ready is a reli­able value pro­po­si­ti­on to our cus­to­mers. It hel­ps crea­te com­pe­ti­ti­ve edge, as it allows us to imple­ment real data sov­er­eig­n­ty in the digi­tal world for the first time ever in Ger­ma­ny. Data sov­er­eig­n­ty has beco­me a major topic in indus­try, both in the B2B and the B2C seg­ment”, Sven Löff­ler of T‑Systems exp­lains. The telecom­mu­ni­ca­ti­ons com­pa­ny head­quar­te­red in Bonn con­si­ders its­elf an enab­ler main­ly for small and medi­um-sized enter­pri­ses. “Today, many SMEs look for some kind of a cen­tral trus­ted enti­ty. They do not want to deal with the latest encryp­ti­on tech­no­lo­gy on a dai­ly basis. So, our job is to pro­vi­de this trust and secu­ri­ty, along­side with a plau­si­ble busi­ness model.”

Faci­li­ta­ting data tracea­bi­li­ty and lineage

Sven Löff­ler and his col­leagues are part of the Inter­na­tio­nal Data Spaces Asso­cia­ti­on (IDSA). Col­la­bo­ra­tors in this initia­ti­ve are Fraun­ho­fer (Europe‘s lar­gest app­li­ca­ti­on ori­en­ted rese­arch orga­niz­a­ti­on), a num­ber of lar­ge indus­tri­al cor­po­ra­ti­ons (e.g. Thys­sen­krupp, Sick, Bay­er, Scha­eff­ler, Volks­wa­gen, or Rit­t­al), and mul­ti­ple SMEs. The goal of IDSA is one that makes even direct com­pe­ti­tors want to join for­ces: crea­ting secu­re data spaces, in which com­pa­nies can estab­lish new, data-dri­ven busi­ness models allowing them to exchan­ge data among each other, while data sov­er­eig­n­ty is main­tai­ned for each data pro­vi­der across the ent­i­re data value chain.

An important area of app­li­ca­ti­on of such data spaces is machi­ne lear­ning. The idea is to estab­lish a data mar­ket­place whe­re com­pa­nies can acqui­re neu­tra­li­zed machi­ne data in order to crea­te and offer plat­form inde­pen­dent micro-ser­vices in turn. In such a sce­n­a­rio, a machi­ne manu­fac­tu­rer may not have to make its data avail­ab­le if it does not want to; ins­tead, it may sim­ply request and use the data from other com­pa­nies – pro­vi­ded it ful­ly com­plies with the data usa­ge poli­ci­es spe­ci­fied by the respec­ti­ve data pro­vi­der. What IDS deve­lo­pers con­cei­ve of is a secu­re, trust­worthy data mar­ket­place whe­re com­pa­nies can col­la­bo­ra­te without nee­ding to set up com­pli­ca­ted con­tracts.

This sounds inte­res­ting to machi­ne buil­ders and pro­vi­ders of 3D prin­ting pro­ducts and ser­vices too, of cour­se. Con­se­quent­ly, Thys­sen­krupp and IBM are joint­ly deve­lo­ping a plat­form based on the IDS archi­tec­tu­re exten­ded by IBM block­chain tech­no­lo­gy. Com­bi­ning their approa­ches, the two com­pa­nies aim at faci­li­ta­ting data secu­ri­ty and data sov­er­eig­n­ty in con­nec­tion with a hig­her degree of auto­ma­ti­on in order pro­ces­sing in addi­ti­ve manu­fac­tu­ring (AM) set­tings. The bene­fits of the plat­form are two­fold: 1) quicker and easier access to addi­ti­ve manu­fac­tu­ring, espe­cial­ly for SMEs having no expe­ri­ence in this field so far, and 2) impro­ved plan­ning and a veri­fia­ble qua­li­ty level across the ent­i­re pro­cess chain. And this is how it works: At the begin­ning of the AM pro­cess, a cli­ent sub­mits con­struc­tion drawings (i.e. CAD files) to Thys­sen­krupp spe­ci­fy­ing the com­pon­ents to be manu­fac­tu­red. This data is valu­able intel­lec­tu­al pro­per­ty of the respec­ti­ve cli­ent. Thanks to the IDS and IBM block­chain tech­no­lo­gy, data secu­ri­ty and data sov­er­eig­n­ty is always gua­ran­te­ed to the cli­ent. This way, the plat­form eco­no­my will be rai­sed to a new level in terms of hig­her secu­ri­ty and effi­ci­en­cy.

At the same time, rese­ar­chers are working on simi­lar solu­ti­ons. “AMa­ble“ is a rese­arch and deve­lo­p­ment pro­ject aiming at crea­ting an eco­sys­tem for 3D prin­ting. The goal of the pro­ject is to deve­lop and estab­lish a digi­tal mar­ket­place offe­ring ser­vices for faci­li­ta­ting addi­ti­ve manu­fac­tu­ring of pro­ducts from con­struc­tion to 3D prin­ting to final pro­ces­sing. Mem­bers of the AMa­ble eco­sys­tem are AM ser­vice pro­vi­ders, user com­pa­nies (pri­ma­ri­ly SMEs), and infra­st­ruc­tu­re pro­vi­ders. The digi­tal mar­ket­place pro­vi­des a secu­re infra­st­ruc­tu­re for AM ser­vice pro­vi­ders and AM ser­vice reques­ters to exchan­ge infor­ma­ti­on and, for the lat­ter, to even­tual­ly book the ser­vices offe­red. Infor­ma­ti­on exchan­ge takes place on the basis of the IDS archi­tec­tu­re, which is sup­por­ted by block­chain tech­no­lo­gy. To ensu­re that no secret con­struc­tion data ends up in the hands of a com­pe­ti­tor, each com­pa­ny making avail­ab­le such data can spe­ci­fy a data usa­ge poli­cy, adhe­rence to which is ensu­red by the secu­re and trust­worthy data space. In addi­ti­on, data tracea­bi­li­ty and lineage fea­tures are offe­red.

Buil­ding upon ISO 27001

Many com­pa­nies still shy away from sharing data. “Par­ti­ci­pants of the IDS can deci­de for them­sel­ves who sees their data, who is allo­wed to use it, how it is used or what it cos­ts” sum­ma­ri­zes Gerd Brost of Fraun­ho­fer AISEC. Cer­ti­fi­ca­ti­on for com­pa­nies and the com­po­nent, for examp­le the IDS con­nec­tors, gives secu­ri­ty to the users in the IDS eco­sys­tem. “We are on the eve of a lar­ge-sca­le roll­out of the ‘IDS_ready’ cer­ti­fi­ca­ti­ons. The IDS_ready label invi­tes com­pa­nies to gain their first expe­ri­ence with IDS and pre­pa­res for the actu­al cer­ti­fi­ca­ti­on. The­re is a hid­den uncer­tain­ty in indus­try about data and data sov­er­eig­n­ty, and we coun­ter both the­se fears with IDS.”, says Gerd Brost.

IDS_ready cer­ti­fi­ca­tes will be issued by TÜV Süd (a lea­ding cer­ti­fi­ca­ti­on body in Ger­ma­ny) and pro­fes­sio­nal ser­vices pro­vi­der Pri­ce­wa­ter­house­Coo­pers for a dura­ti­on of one year.

While the­se two cer­ti­fi­ca­ti­on aut­ho­ri­ties will be eva­lua­ting IDS con­for­mi­ty of the orga­niz­a­ti­on see­king cer­ti­fi­ca­ti­on, experts from Fraun­ho­fer will be che­cking whe­ther the respec­ti­ve orga­niz­a­ti­on is enti­t­led to par­ti­ci­pa­te from the point of view of the tech­ni­cal com­pon­ents it uses. Com­pa­nies alrea­dy cer­ti­fied against ISO 27001 or a com­pa­ra­ble stan­dard can build upon this cer­ti­fi­ca­ti­on when app­ly­ing for IDS_ready, which will acce­le­ra­te the pro­cess. “Regar­ding cer­ti­fi­ca­ti­on of the orga­niz­a­ti­on its­elf, we look at the company’s docu­men­ta­ti­on, its pro­ces­ses, and its basic IT secu­ri­ty mecha­nisms in place. As for the tech­ni­cal com­pon­ents, one of three secu­ri­ty levels may app­ly: ‘Basis’ with stan­dard inter­net secu­ri­ty, ‘Trust’ with non-clo­ne­ab­le iden­ti­ties and remo­te atte­sta­ti­on, or ‘Trust+’ for con­nec­tors that are pro­tec­ted from mani­pu­la­ti­on by mali­cious admins”, as Gerd Brost exp­lains. Apart from the manu­fac­tu­ring indus­try, other indus­tries will bene­fit from IDS_ready as well. In the medi­cal indus­try, for examp­le, exch­an­ging high­ly sen­si­ti­ve pati­ent data, also across natio­nal bor­ders, will be faci­li­ta­ted by the high secu­ri­ty level of the IDS.

B2C mar­kets are beco­m­ing incre­a­singly awa­re of the solu­ti­on as well, as it will allow con­su­mers to regain sov­er­eig­n­ty over their per­so­nal data. For examp­le, it often hap­pens that when peop­le are tra­ve­ling, several apps have access to their data without them knowing. At the same time, some kind of inte­gra­ted mobi­li­ty plat­form (on which local public trans­port ser­vices, air­lines and car sharing ser­vice pro­vi­ders col­la­bo­ra­te to bill the tra­ve­ler accord­ing to their respec­ti­ve share of ser­vices pro­vi­ded) is mis­sing. “Such a plat­form will be accep­ted by con­su­mers only if data pri­va­cy, data secu­ri­ty, and data sov­er­eig­n­ty are gua­ran­te­ed. The­re­fo­re, IDS is so important to us”, as Sven Löff­ler of T‑Systems empha­si­zes.

For more infor­ma­ti­on on how to app­ly for IDS_ready: