Architecture Level Results
A secure & privacy-Aware Reference Architecture
Research Objectives
A structure for contracts on data sharing in data spaces that support privacy requirements
Privacy-friendly data sharing in medical data spaces ensuring patients and legal (General Data Protection Regulation) Requirements
Structured contracts serve as a contract template for data sharing in data spaces. It enables participants in a data space to define their roles, rights and responsibilities.
Contracts are essential for setting terms on data sharing. The data subject creates a policy with permissions, obligations, and prohibitions.
In the context of our research and concerning the existing Industrial Data Spaces Reference Architecture Model (IDS RAM) an extended version of the IDS RAM is propose, which specifically supports the privacy and security requirements of the patients in a (medical) data space.
A privacy-aware reference architecture
Our research to realize the objectives described above was twofold:
- In the first place, we focused on the fact that a secure and privacy-friendly data sharing requires a proper contract where all requirements, constraints and limitations on data sharing between two entities and the later data processing are formally specified and documented. To this end, we analyzed the state of the art and proposed a contract structure considering several relevant regulations.
- Secondly, we studied existing reference architecture models to design a reference architecture for medical data spaces where the security and privacy requirements of a patient is considered. Industrial Data Spaces Association provides a reference architecture where sovereignty of data in a data space is ensured. We leveraged this reference architecture model and proposed an extended version where patients and their relevant requirements are concretely supported.
Applied Methods
Information on the methods applied in this research can be found here.