Access & Usage Policies Enforcement

This building block ensures that participants retain full sovereignty over their data. It enables them to define who may access their data, under which conditions, and for what purposes, while ensuring those terms are respected across the entire ecosystem.

The iSHARE Framework delivers several integrated trust services that together form the enforcement layer for access and usage control:

  1. Authorisation Registry (AR) - The AR stores and validates delegations, allowing participants to grant, verify, or revoke permissions in a standardised, machine-readable format.

    • Framework 2.2 introduces standardised delegation creation requests, ensuring consistent trust exchange and compatibility across ecosystems.

    • Each delegation is traceable and references the participant’s verified iSHARE-ID.

  2. Licenses and Usage Policies - Licenses define the legal and operational boundaries of data use.

    • The new iSHARE Licenses Portal provides standardised license templates and metadata for both data and service offerings.

    • Data spaces can reference these licenses directly to ensure clarity and legal consistency between participants.

  3. Delegation Evidence - Delegations are expressed using a shared JSON-LD structure that provides verifiable proof of rights granted.

    • Each piece of evidence can include license references, identity attributes, and usage conditions, ensuring complete transparency and traceability.

  4. Consent and Compliance Management - Consent mechanisms, especially relevant when personal data is involved, can be integrated with delegation and license processes to ensure compliance with GDPR, eIDAS, and other regulatory frameworks.

Data Space Implementation

Each data space can build on these trust services to define:

  • Sector-specific access policies or license extensions;

  • Role-based permission schemes linked to participation management;

  • Enhanced auditing and monitoring to verify adherence to granted rights.

This modular design allows flexibility without compromising interoperability. By combining identity and delegation mechanisms, data spaces can achieve a fine balance between participant control and ecosystem-wide trust.

Through the integration of iSHARE-ID, standardised delegations, and the Licenses Portal, the Framework 2.2 empowers participants to govern access and usage with precision, confidence, and scalability.

The result is a federated system of trust, one where every access decision is verifiable, every usage right is transparent, and every participant remains firmly in control of their data.

iSHARE provides a generic approach for delegations, including generic licenses. The data space can decide to provide better guidance or standards on the semantics of delegations (specifically for policy --> target) and to allow more detailed licenses.

The guiding questions can help in the co-creation process and in defining this building block, so please see the next section.

PreviousGuiding questionsNextGuiding Questions

Last updated