The following can be considered as Digital Assets:
Applications and processes
Data
Allowing humans to login to your IT systems (applications, processes), or allowing a process owned by another party to access (read and maybe modify) your data is the subject of Digital Asset Boundary Management.
Transport is almost always a consequence of trade. In the delivery conditions of a purchase agreement, the seller and buyer agree, among other things, who must take care of the transport of the shipment.
In international trade, seller and buyer can use the Incoterms 2020. These are standardized agreements about who arranges what (for example transport, but also insurance and/or customs formalities), the payment regulations and guarantees, and the moment at which responsibility is transferred (for example when a container is lifted over the rail of a ship). Incoterms 2020 are mainly focused on the agreements between buyer and seller.
Under the purchase agreement, one party issues one or more orders to arrange transportation. In a more complex chain, forwarders often arrange the details on behalf of the client, but in the case of a relatively simple order this is usually done directly.
For centuries, the standard in the professional transport of goods have been paper documents. They serve as a basis for business agreements as a mean to coordinate activities, and as a basis for declarations to and inspections by governments. Many laws, work processes and customs are based on this paper backbone.
The new standard is digital. Mutual agreements, planning, transactions, transfers and notifications are handled as much as possible by the IT systems of the involved companies and governments. This new standard is automated, with less and less human intervention, in order to facilitate the following:
Demonstrability: being able to show the origin of goods and the environmental effects of a supply chain.
Managing scarcity. Scarcity is visible in scarce infrastructure, labor shortages, limited environmental space and shortages of raw materials, energy or products. Managing this scarcity is possible by providing more information and insight.
Resilience: absorbing the consequences of disruptions and shocks in the global economy.
Details determine the legal strength of a digitally recorded transaction. The requirements for these digital transactions can be set by the involved parties — such as clients, transporters and recipients.
Digital transactions exist in many different variants.
Many different variants of digital transactions exist, and all of them have specific properties, advantages and disadvantages. The legal status of variants (other than high quality "digital signatures" for valuable transactions) is diffuse.
As there is no global accepted standard or legal framework for "fit-for-use" recordings of digital transactions, the BDI supports commercial agreements between parties, called Edge Agreements.
Standardized protocols with corresponding liability definitions can be referenced in general conditions of agreements, creating the legal basis for "fit-for-use" Legal Asset Boundary Management.
Preventing undermining: both cutting off opportunities for crime and fraud, preventing and detecting tax evasion.
Usually, many parties are involved in a logistic process. Each of these parties maintains a set of valuable assets that they needs to protect. In abstract terms, this protection is realized by creating an perimeter, a boundary around the assets that is controlled by the party. Other parties can not cross the boundary without permission of the owner, hence the value is protected. However it is often required that parties do cross the boundary to facilitate cooperation.
Three different kinds of assets and their associated boundaries are distinguished:
Digital assets, such as IT systems (applications, processes) and data
Physical assets, such as distribution centers and production facilities
Legal (ownership, liability and accountability) assets, such as responsibilities for and ownership of cargo
The nature and implementation of the protecting boundaries is different for each kind of assets and each one requires specific measures to allow third parties to cross them in order to cooperate in a logistic process.
There are two reasons to allow others (representatives as in human and IT-processes) to cross a boundary:
To allow them to use an asset
To transfer an asset between parties
Boundary Management is about managing boundaries in practice.
The BDI framework includes support for the authentication of a representative (human or machine) and verification of their mandate, safeguarding the non-repudiation of the liability their principal (the entity who is represented) takes for their actions.
In the physical operation of our economy many activities are outsourced. Supplying services on-premise requires access to a guarded location. For example: a maintenance sub-contractor for a vendor of video security systems is commissioned to perform maintenance at a customer's site. The subcontractor is contracted to perform regular maintenance . At regular intervals a maintenance engineer shows up at the gate of the premises and claims access to the premises, to perform preventive maintenance on a security video system on behalf of the vendor that delivered the security system.
The security guard of the company where the security system is installed needs to verify the following:
Has this person indeed been sent by the OEM (original equipment manufacturer)?
Can this person be authenticated and verified as being mandated by the sub-contractor>
Does this person have the required professional qualifications?
In the example of the engineer of the maintenance sub-contractor, the user journey starts when the engineer shows up to the gate. The security guard needs to be able to authenticate the person and verify the representation claim. The approach for this check is as follows:
For real-life applications it is necessary to be able to operate (temporarily) offline. It should be possible to verify the Representation Evidence, even when validation by the issuer is delayed. Whether a delayed verification is acceptable, depends on the involved parties. This could for example be acceptable when the party checking the Representation Evidence has already received a prior notification. The data in this pre-notification can then be matched with the data in the actual evidence.
The use of JSON Web Tokens (JWT, RFC 7519) is ubiquitous: the support in tools and knowhow is well developed. Expand the following elements to learn more about the different uses of JWTs.
A JWT is a compact, URL-safe way to represent claim sets which are to be transferred between two parties. A claim set is a set of claims, where each claim is a piece of information asserted about a subject. A claim is represented as a name/value pair consisting of a claim name (always a string) and a claim value (can be any JSON value).
Unsecured JWTs are standardized claim sets. However, many if not most JWTs need to be signed and encrypted. The claim set in a JWT can be used as the payload of a JSON Web Signature (JWS, RFC 7515) structure or as the plaintext of a JSON Web Encryption (JWE, RFC 7516) structure, enabling the claims to be digitally signed or integrity protected with a Message Authentication Code (MAC) and/or encrypted.
The result nesting of a JWT in a JWS or in a JWE (or both!) is called a Nested JWT. (Note that this is a different kind of nesting than the nesting/embedding of representation evidences that are the topic of this note). The resulting JSON object is encoded using a Base64URL encoding, which produces a URL-safe plain ASCII string.
Because JWTs are in the end just ASCII strings, they can be used as the value of a claim in another JWT. This kind of nesting can be referred to as embedded JWTs. This feature is the basis for representation hierarchies, where a representation is based on another representation.
A defines how to implement selective disclosure of information. Selective disclosure would be a excellent feature in business environments.
There are two types of JWT claims:
Registered: standard claims registered with the and defined by the to ensure interoperability with third-party, or external, applications.
Custom: non-registered public or private claims. Public claims are collision-resistant while private claims are subject to possible collisions.
The lists the registered claims. (Claim Name “vc”) and Verifiable Presentations (Claim Name “vp”) are registered claims. The use of nested JWTs supports the future use of VC’s and VP’s. The JWT structure makes it therefore possible to include claims of Professional Qualifications.
The most simple approach is that the Principal issues the JWT. The payload of the JWT is:
identity information of the human (ID #, name, digital identity etc.)
identity information of the Principal
order information (order reference, type of activity, location, data)
The issuer of the JWT (Principal) can add a link to the payload. The link allows for a real-time confirmation that the claims in the JWT are still valid.
When the Principal commissions a subcontractor, the identity of the human is replaced by the identity of the subcontractor. The subcontractor creates a new JWT, with the payload:
the JWT as sent by the Principal
identity information of the human (ID #, name, digital identity etc.)
identity information of the Subcontractor)
An embedded JWT claim can be created recursively by each layer of the (subcontracting) chain, starting with a Principal. This show the Representation chain.
The human requesting access can carry the JWT (for instance in a Wallet), or carry a link to an online API that can transfer the JWT to an evaluation service/application. The security guards use the service or application to evaluate the JWT, verify the signing of its claims and show the content to the guard. The guard can authenticate the human and verify the representation chain.
The engineer presents a Representation Evidence. This evidence should show:
the chain of subcontracting, up to a level that is suitable for security reasons. Note that it may be necessary to stop at an intermediate level, to protect the identity of the main principal on top of the chain from leaking
the confirmation of the identity of the engineer, as a representative.
time limitations on the validity of the representation (not before, not after).
links to issuers of subcontracting orders, to validate in real-time whether the representation is still valid and not revoked.
the non-repudiable evidence of the representation
additional information (time limits, specific instructions, link to issuer)