Core principle 5: Data at the source
As the data owner, you decide who has access to each piece of data via the BDI and which conditions apply. This concept, known as data sovereignty, ensures that data owners retain full control over who accesses their information and under what conditions.
Notifications: metadata and links
To guarantee that, as the data owner, you always stay in control of your data, automatically generated notifications with metadata are sent via the BDI.
One example is a cargo ship mooring in a port. At that time, the ‘owner’ of that event and the associated data automatically sends out notifications. These messages only contain metadata, e.g. an order number or a location where the data can be found, and they go to a relevant group of recipients that have been authorised by the owner. Recipients can then use links in each notification to retrieve specific data about the ship’s cargo directly from the original source. One example of this is the order number.
Checks using data at the source
When a party receives a notification and someone in that organisation follows the link to retrieve data, the data owner can:
- Track access (when): monitor which party has requested access and when.
- Check authentication (who): verify the identity of the requesting party.
- Assess trust (why): evaluate the reliability of the party in the given context (why and whether access should be granted).
- Authorise access (what): grant selective access to specific data where appropriate.
- Register access: record all access-related events, for accountability and traceability.
Working with notifications and metadata in this way ensures that notifications are safe and can be sent very effectively:
- Sending out notifications without permission involves only limited risk, because the information they carry is limited to the metadata.
- You can distribute the same notifications to very different parties with different roles.
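The checks listed above can be sketched as a handler at the source, run when a recipient follows the link in a metadata-only notification. This is an added example, not BDI code: the party names, keys, records, field policy and the HMAC token standing in for authentication are all assumptions made for illustration.

```python
import hmac, hashlib
from datetime import datetime, timezone

# All parties, keys, policies and records below are constructed for illustration.
PARTY_KEYS = {"terminal-op": b"k1-demo", "customs": b"k2-demo", "unknown-broker": b"k3-demo"}
TRUSTED_FOR = {"port-call": {"terminal-op", "customs"}}           # why: trust per context
FIELD_POLICY = {"terminal-op": {"order_number", "berth", "eta"},  # what: selective fields
                "customs": {"order_number", "cargo", "consignee"}}
RECORDS = {"ORD-1001": {"order_number": "ORD-1001", "berth": "B7", "eta": "2024-05-01T08:00Z",
                        "cargo": "machine parts", "consignee": "Example BV"}}
ACCESS_LOG = []  # register: every decision is recorded, including denials

def make_notification(order_number):
    """Metadata only: an identifier and where the data can be found, no cargo details."""
    return {"event": "port-call", "order_number": order_number,
            "link": f"https://source.example/orders/{order_number}"}

def sign(party_id, order_number):
    """Assumed stand-in for a requester credential: HMAC over the request with the party key."""
    msg = f"{party_id}:{order_number}".encode()
    return hmac.new(PARTY_KEYS[party_id], msg, hashlib.sha256).hexdigest()

def handle_request(party_id, token, order_number, context="port-call"):
    """Source-side handler: authenticate, assess trust, authorise, and log each request."""
    def decide(status, fields=()):
        # when + who + outcome, written for grants and denials alike
        ACCESS_LOG.append({"when": datetime.now(timezone.utc).isoformat(), "who": party_id,
                           "order": order_number, "status": status, "fields": sorted(fields)})
        return status
    key = PARTY_KEYS.get(party_id)
    expected = hmac.new(key or b"", f"{party_id}:{order_number}".encode(),
                        hashlib.sha256).hexdigest()
    if key is None or not hmac.compare_digest(expected, token):     # who
        return decide("denied:authentication"), None
    if party_id not in TRUSTED_FOR.get(context, set()):              # why
        return decide("denied:trust"), None
    record = RECORDS.get(order_number)
    allowed = FIELD_POLICY.get(party_id, set())
    if record is None or not allowed:                                # what
        return decide("denied:authorisation"), None
    data = {k: v for k, v in record.items() if k in allowed}
    return decide("granted", data), data
```

The same notification can go to every party; what each one gets back from the source differs by role, and a party that authenticates but is not trusted in the context gets nothing beyond the metadata it already had.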
Consequences
The consequence of this ‘data at the source’ approach is that it requires a more or less common identification, authentication, reliability assessment and authorisation mechanism. This mechanism must integrate seamlessly with a Zero Trust API or interface if you want to guarantee safe and controlled data exchanges. The BDI offers this kind of mechanism.