Identity & Attestation Management

This building block ensures that every participant, whether a legal entity, service provider, or natural person, can be uniquely identified, verified, and trusted across data ecosystems. It establishes the foundation for secure interactions, authorisation, and accountability within the data space.

The data space can follow iSHARE’s principles on digital identity management:

  • iSHARE-ID: Each participant is assigned a globally unique identifier, improving interoperability between data spaces and enabling cross-ecosystem recognition. See more here.

  • Multiple Identifiers: Participants can be recognised by multiple identifiers (EORI or chamber of commerce numbers), which are recognised by converting into a common identifier, iSHARE ID, reducing onboarding barriers and improving interoperability across ecosystems. The iSHARE DID Method aligns with W3C standards, allowing portable and verifiable identity credentials. See more here.

  • Accredited Identity Providers: Certified Identity Providers issue and manage identities for both legal entities and their human representatives. They act as trust anchors within the ecosystem.

  • eIDAS and W3C Compliance: The iSHARE identity model recognises European eIDAS standards and global Verifiable Credential formats to ensure compatibility and legal validity.

  • Alternative Onboarding Routes: Service consumers without PKI certificates can now onboard securely using approved alternative verification flows.

Attestations

Attestations are verifiable proofs of attributes such as certifications, roles, or compliance statuses, linked to a participant’s identity. Using W3C Verifiable Credentials and eIDAS alignment, attestations enable trust from the first interaction and support role-based authorisation, compliance monitoring, and automated onboarding within the Participant Registry.

Implementation in the Data Space

Cover

The Data Space Governance Body

Selects and oversees accredited Identity Providers within the iSHARE governance model. Also, it defines the requirements and governs the process of onboarding of participants into data space.

Cover

Identity Providers

Issue, manage, and verify participant identities following the Framework specifications.

Cover

Human representatives of organisations

Authenticate via their verified identity credentials.

Cover

The Participant Registry

maintains up-to-date information on all data-space participants—including their assurance level, services, and roles—and manages the processes and criteria for onboarding, updating, reviewing, and confirming their membership, aligned with the Data Space Governance Body.

With the introduction of iSHARE-ID and DID-based verification, participants can engage across ecosystems with confidence, knowing that every entity they interact with has been verified according to transparent, globally recognised standards.

These enhanced mechanisms create a distributed yet cohesive trust layer, one that supports secure data sharing, smooth onboarding, and scalable governance across interconnected data spaces.

Identity & Attestation Management connects closely with other building blocks:

  • Trust Framework: Works with Identity & Attestation Management to establish overall trust and define trusted entities.

  • Access & Usage Policies Enforcement: Depends on verified participant identities to control access and usage.

  • Participation Management: Relies on identity verification for onboarding, offboarding, and attesting participation.

  • Regulatory Compliance: Translates rules into digital mechanisms for validation and verification.

The guiding questions can help in the co-creation process and in defining this building block, so please see the next section.

PreviousData Sovereignty & TrustNextGuiding questions

Last updated