Identity & Attestation Management

This building block ensures that every participant, whether a legal entity, service provider, or natural person, can be uniquely identified, verified, and trusted across data ecosystems. It establishes the foundation for secure interactions, authorisation, and accountability within the data space.

The data space can follow iSHARE’s principles on digital identity management:

• iSHARE-ID: Each participant is assigned a globally unique identifier, improving interoperability between data spaces and enabling cross-ecosystem recognition. See more here.

• Multiple Identifiers: Participants can be recognised by multiple identifiers (EORI or chamber of commerce numbers), which are recognised by converting into a common identifier, iSHARE ID, reducing onboarding barriers and improving interoperability across ecosystems. The iSHARE DID Method aligns with W3C standards, allowing portable and verifiable identity credentials.

• Accredited Identity Providers: Certified Identity Providers issue and manage identities for both legal entities and their human representatives. They act as trust anchors within the ecosystem.

• eIDAS and W3C Compliance: The iSHARE identity model recognises European eIDAS standards and global Verifiable Credential formats to ensure compatibility and legal validity.

• Alternative Onboarding Routes: Service consumers without PKI certificates can now onboard securely using approved alternative verification flows.

Attestations

Attestations are verifiable proofs of attributes such as certifications, roles, or compliance statuses, linked to a participant’s identity. Using W3C Verifiable Credentials and eIDAS alignment, attestations enable trust from the first interaction and support role-based authorisation, compliance monitoring, and automated onboarding within the Participant Registry.

Implementation in the Data Space

• The Data Space Governance Body selects and oversees accredited Identity Providers within the iSHARE governance model.

• Identity Providers issue, manage, and verify participant identities following the Framework specifications.

• Human representatives of organisations authenticate via their verified identity credentials.

• The Participant Registry maintains verified information, enabling continuous validation and interoperability with delegation and licensing services.

With the introduction of iSHARE-ID and DID-based verification, participants can engage across ecosystems with confidence, knowing that every entity they interact with has been verified according to transparent, globally recognised standards.

These enhanced mechanisms create a distributed yet cohesive trust layer, one that supports secure data sharing, smooth onboarding, and scalable governance across interconnected data spaces.

The guiding questions can help in the co-creation process and in defining this building block, so please see the next section.