BDI Public Documentation
  • Reference Architecture
    • INTRODUCTION
      • Core Principles
      • Stack and KITs
      • BDI Technical Roles
    • BDI Maintenance and Community Contributions
    • Trust KIT
      • Digital Identity
        • Digital Identity M2M
        • Digital Identity H2M
      • Authentication
        • Authentication M2M
        • Page
        • Authentication H2M
      • Authorization
      • Edge agreements
      • Policy agreements
      • Onboarding Terms and Conditions
      • Association Register
      • Discovery
      • Demos
        • Trusted Goods Release & Delegation
    • Logistics Event KIT
      • Notification pub/sub service
      • Event Choreography
      • Trusted Goods Release - Event Demo
    • Semantics KIT
      • Overview
      • Logistics event Ontology
      • Demos
    • Representation KIT
      • Representation Chain
      • Professional Qualification Chain
      • BDI Association Roles
      • Demos
    • Federation KIT
      • Federation of Associations
      • Business Partner Reputation Model
      • Interoperability
      • Demos
    • Data Set KIT
      • Data Licenses
      • Demos
    • Verifiable Credentials KIT​
      • Verifiable Credentials
      • Provenance & Traceability
      • Demos
    • Security
      • Information Security Policy
      • Risk Assessment and Treatment
      • Control Implementation
      • Monitoring, Measurement, Analysis, and Improvement
    • Boundary Management
      • Digital Asset Boundaries
      • Physical Asset Boundaries
      • Legal Asset Boundaries
      • Demos
    • GLOSSARY
      • BDI Terms
Powered by GitBook
On this page
  • Summary
  • Purpose of this building block
  • Concepts
  • Implementation Considerations
  • Interlinkages with other building blocks
  • Core design decisions
  • Further reading
Export as PDF
  1. Reference Architecture
  2. INTRODUCTION

BDI Technical Roles

Summary

The building block aims to define BDI's technical roles, including Identity Provider, Identity Broker, Association Administrator, Data Owner, Data Service Provider, and Data Consumer. Each role plays a crucial part in managing identity, data control, and service provision within BDI's framework.

Purpose of this building block

The purpose of this building block is to define the technical roles in BDI

BDI defines these technical roles :

  • Identity Provider

  • Identity Broker

  • Association Administrator

  • Data Owner

  • Data Service Provider

  • Data Consumer

Concepts

Role
Description

Identity Provider

The Identity Provider-role is fulfilled by a legal entity whose tooling identifies and authenticates humans (and specifically, Human Data Consumers representing Data Consumers).

Identity Broker

The Identity Broker-role is fulfilled by a legal entity that provides Data Service Providers access to different Identity Providers, and that offers humans the option to choose with which Identity Provider to identify and authenticate themselves.

Association Administrator

Functionary responsible for operating the services of a BDI Association reporting to its Members.

Data Owner

The data Owner is a legal entity who:

  • Has control over data and access to data

  • Controls decisions on Data Sovereignty and Trust Sovereignty

  • Controls authorization policies, representation rules, professional qualification verification of staff and contractors

  • Controls subscription to the Event Pub/Sub Service, and publishing of events to subscribers

  • Controls discovery and endpoints

  • Controls roles assumed by entity

Data Service Provider

A Data Service Provider that acts under supervision and on behalf of the Data Owner

Data Consumer

  • Requests access to data and/or Representation Register and/or Professional Qualification Register of the Data Owner

  • Controls discovery and endpoints

  • Requests subscription to Event Pub/Sub Service of the Data Owner, receives and evaluates events.

Implementation Considerations

Implementation of the basic BDI mechanisms assumes the existence of these technical roles.

Interlinkages with other building blocks

  • Digital Identity

  • Authentication

  • Authorisation

  • Association Register

  • Zero Trust Check

Core design decisions

The iSHARE Trust Framework provides a comprehensive description of what iSHARE calls Certified Roles. The Common Roles of the BDI are derived from these descriptions, such as:

Further reading

PreviousStack and KITsNextBDI Maintenance and Community Contributions

Last updated 6 months ago

The role of an Authorisation Registry
The role of Identity Provider
https://framework.ishare.eu/is/framework-and-roles
https://dssc.eu/space/BVE/357075333/Data+Sovereignty+and+Trust
https://framework.ishare.eu/is/functional-requirements-per-role