About Swiss Data Custodian#

Figure: Swiss Data Custodian Architecture

About#

The Swiss Data Custodian provides a governance layer that can be added to an existing ecosystem to enforce access control policies and gather user consent for the processing of a user’s sensitive data.

The approach can also be generalized to add a governance layer for resource management that protects resources instead of user data.

Design#

The Custodian adds a Policy Decision Point to an ecosystem; it must be mirrored by a Policy Enforcement Point in that ecosystem.

The Policy Decision Point receives requests for resource access and makes decisions to grant or deny access based on policies that have been captured in signed contracts.

The Custodian cannot enforce its own access decisions; it needs, as a counterpart, a Policy Enforcement Point in the ecosystem that protects the resources and enforces the decisions. Since nothing else gates the resources, the Enforcement Point has to fail closed: when it obtains no decision from the Custodian, it denies access.

All events in the ecosystem that concern the protected resources are recorded in an Audit Trail, which the resource owners can inspect at any time.

The resource owner’s consent is obtained by signing digital contracts. The ecosystem must ensure the legal validity of those contracts.
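The decision/enforcement split described in this section, as an added example in Go (not code from the Swiss Data Custodian project): a Policy Decision Point that decides from consent contracts and appends every request to an audit trail, and a Policy Enforcement Point that releases a resource only on an explicit allow and fails closed when it gets no decision. The contract fields, the two sample contracts by owner "alice", the resource identifiers and the fixed clock are assumptions made for the example; contract signature checking is out of scope here.

```go
// Added example, not code from the Swiss Data Custodian project: a minimal
// Policy Decision Point (PDP) deciding from consent contracts, a Policy
// Enforcement Point (PEP) that fails closed, and an audit trail of every request.
package main

import (
	"errors"
	"fmt"
	"time"
)

// Contract is an assumed, simplified shape of an already-signed consent contract.
type Contract struct {
	ID, Owner, Grantee, Resource string
	Purposes                     map[string]bool // purposes the owner consented to
	NotBefore, NotAfter          time.Time
	Revoked                      bool
}

type Request struct {
	Grantee, Resource, Purpose string
	At                         time.Time
}

// Decision is what the PDP returns and what the audit trail stores.
type Decision struct {
	Request
	Allow              bool
	ContractID, Reason string
}

type PDP struct {
	Contracts []Contract
	Audit     []Decision // every request ever decided, granted or denied
}

// Decide is deny-by-default: access is granted only if an unrevoked contract
// covers grantee, resource and purpose at the request time.
func (p *PDP) Decide(r Request) (Decision, error) {
	d := Decision{Request: r, Reason: "no contract for grantee and resource"}
	for _, c := range p.Contracts {
		if c.Grantee != r.Grantee || c.Resource != r.Resource {
			continue
		}
		switch {
		case c.Revoked:
			d.Reason = "consent revoked"
		case r.At.Before(c.NotBefore) || r.At.After(c.NotAfter):
			d.Reason = "contract outside validity period"
		case !c.Purposes[r.Purpose]:
			d.Reason = "purpose not consented"
		default:
			d.Allow, d.ContractID, d.Reason = true, c.ID, "consent found"
		}
		if d.Allow {
			break
		}
	}
	p.Audit = append(p.Audit, d)
	return d, nil
}

var ErrDenied = errors.New("access denied")

// PEP guards the resources. Decide is the call to the Custodian, which in a
// real deployment goes over the network and can fail; the PEP then fails closed.
type PEP struct {
	Decide    func(Request) (Decision, error)
	Resources map[string]string // resource id -> content
}

func (e *PEP) Access(r Request) (string, error) {
	d, err := e.Decide(r)
	if err != nil {
		return "", fmt.Errorf("PDP unavailable, failing closed: %w", err)
	}
	if !d.Allow {
		return "", fmt.Errorf("%w: %s", ErrDenied, d.Reason)
	}
	return e.Resources[r.Resource], nil
}

// IsDenied distinguishes a policy denial from an infrastructure failure.
func IsDenied(err error) bool { return errors.Is(err, ErrDenied) }

var Now = time.Date(2024, 5, 1, 12, 0, 0, 0, time.UTC) // fixed clock for the constructed sample data

// SampleCustodian holds two constructed contracts by owner "alice".
func SampleCustodian() *PDP {
	valid := Contract{ID: "c-1", Owner: "alice", Grantee: "clinic-A", Resource: "ehr/alice/labs",
		Purposes: map[string]bool{"treatment": true}, NotBefore: Now.Add(-24 * time.Hour), NotAfter: Now.Add(24 * time.Hour)}
	revoked := valid // alice signed a research contract with research-B, then revoked it
	revoked.ID, revoked.Grantee, revoked.Purposes, revoked.Revoked = "c-2", "research-B", map[string]bool{"research": true}, true
	return &PDP{Contracts: []Contract{valid, revoked}}
}

func main() {
	pep := &PEP{Decide: SampleCustodian().Decide, Resources: map[string]string{"ehr/alice/labs": "HbA1c 5.4%"}}
	fmt.Println(pep.Access(Request{"clinic-A", "ehr/alice/labs", "treatment", Now}))
	fmt.Println(pep.Access(Request{"research-B", "ehr/alice/labs", "research", Now}))
}
```

Two points the example makes concrete: the Decision Point records denied requests as well as granted ones, so an owner's audit view shows attempts and not only successes; and a transport failure of the Decision Point reaches the Enforcement Point as an error distinct from a policy denial, and is never turned into an allow.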

Technical Features#

The Custodian makes use of the following design patterns and technical features:

Microservice architecture:

Microservices provide a robust modular architecture.

Interoperable context dependent contracts:

Contracts make use of Semantic Web technologies. Existing vocabularies of the ecosystem can be added through a knowledge base supplied by the ecosystem. Contracts are stored as JSON-LD in an RDF store, validated using SHACL and queried using SPARQL.

Digital signatures:

Contracts are digitally signed using the Elliptic Curve Digital Signature Algorithm.

Easy deployment:

The microservices are available as Helm Charts and can be deployed on a Kubernetes Cluster.

Interoperable contracts:

Contracts make use of Semantic Web technologies: they are implemented as JSON-LD and validated via SHACL.

Flexible Authentication:

Currently Keycloak is used, but any OpenID Connect-enabled platform could take its place. External identity providers can be integrated.
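For the "Digital signatures" item above, an added example in Go (not code from the Swiss Data Custodian project) of signing a JSON-LD-style consent contract with ECDSA (P-256 over SHA-256) and verifying it, including the two failures a decision point must catch: a contract altered after signing and a signature from someone other than the owner. Assumptions made for the example: the signed bytes are encoding/json's sorted-key output rather than a proper JSON-LD canonicalization, the signature is stored as ASN.1 DER next to the contract, and the `@context` URL and the contract field names are invented.

```go
// Added example, not code from the Swiss Data Custodian project: signing a
// consent contract with ECDSA (P-256 over SHA-256) and verifying it, with the
// failure cases a PDP must handle: a tampered contract and a wrong signer key.
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/json"
	"fmt"
)

// Contract is a JSON-LD-style document. Assumption for this example: the
// signed bytes are encoding/json's output with sorted map keys; a real
// implementation would use a proper JSON-LD canonicalization (e.g. URDNA2015).
type Contract map[string]any

// SignedContract carries the contract together with the owner's signature.
type SignedContract struct {
	Contract  Contract `json:"contract"`
	Signature []byte   `json:"signature"` // ASN.1 DER (r, s), as produced by ecdsa.SignASN1
}

func digest(c Contract) ([]byte, error) {
	b, err := json.Marshal(c) // map keys are emitted in sorted order
	if err != nil {
		return nil, err
	}
	h := sha256.Sum256(b)
	return h[:], nil
}

// GenerateOwnerKey creates the resource owner's P-256 signing key.
func GenerateOwnerKey() (*ecdsa.PrivateKey, error) {
	return ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
}

// Sign hashes the canonical contract and signs it with the owner's key.
func Sign(priv *ecdsa.PrivateKey, c Contract) (SignedContract, error) {
	h, err := digest(c)
	if err != nil {
		return SignedContract{}, err
	}
	sig, err := ecdsa.SignASN1(rand.Reader, priv, h)
	if err != nil {
		return SignedContract{}, err
	}
	return SignedContract{Contract: c, Signature: sig}, nil
}

// Verify recomputes the hash over the presented contract and checks the
// signature against the owner's public key; any change to the contract, and
// any signature made with another key, makes this return false.
func Verify(pub *ecdsa.PublicKey, sc SignedContract) bool {
	h, err := digest(sc.Contract)
	if err != nil {
		return false
	}
	return ecdsa.VerifyASN1(pub, h, sc.Signature)
}

// SampleContract is a constructed consent contract for the example.
func SampleContract() Contract {
	return Contract{
		"@context":   "https://example.org/custodian/v1", // assumed vocabulary URL
		"@type":      "ConsentContract",
		"owner":      "alice",
		"grantee":    "clinic-A",
		"resource":   "ehr/alice/labs",
		"purpose":    []string{"treatment"},
		"validUntil": "2024-12-31T23:59:59Z",
	}
}

func main() {
	priv, err := GenerateOwnerKey()
	if err != nil {
		panic(err)
	}
	sc, err := Sign(priv, SampleContract())
	if err != nil {
		panic(err)
	}
	fmt.Println("original verifies:", Verify(&priv.PublicKey, sc)) // true

	// A grantee that widens its own purposes after signing is caught.
	tampered := SignedContract{Contract: SampleContract(), Signature: sc.Signature}
	tampered.Contract["purpose"] = []string{"treatment", "marketing"}
	fmt.Println("tampered verifies:", Verify(&priv.PublicKey, tampered)) // false
}
```

The signature binds the contract content, so the bytes that are hashed must be produced the same way at signing and at verification time; with a JSON-LD contract that means canonicalizing the graph, not the surface text, since two serializations of the same graph can differ byte for byte. ECDSA signatures are randomized, so two signatures over the same contract differ; verification, not byte comparison, is the only valid check.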