Specific technical standards
Specific implementations of OAuth 2.0 and OpenID Connect 1.0 are used to facilitate an ecosystem in which parties can interact with previously unknown parties. Pre-registration is therefore not a prerequisite, which requires alterations to the official standards. In addition, to authenticate parties within an iSHARE (data spaces/network) context, the framework uses PKI and digital certificates relating to all participating parties.
The iSHARE Trust Framework also prescribes various general interface specifications described in the corresponding topic pages. More information on the technical standards can be found in the
Architectural principle
For interoperability on a European scale, all trusted roots under the eIDAS regulation will be trusted within data spaces/iSHARE network.
Open standard for authentication
The OAuth 2.0 subpage describes the generic Authentication flow.
Open standard for authentication of humans
Functions as an additional layer on top of the OAuth 2.0 protocol.
Communication protocol
An overview of relevant iSHARE HTTP response codes can be found here.
Cryptographic protocol
Within data spaces/iSHARE network, TLS 1.2 MUST be used for securing all HTTP communications.
Open standard for definition of access tokens
A JSON Web Token (JWT) is used in data spaces/iSHARE network when non-repudiation between parties is required.
Access control policy language
Within data spaces/iSHARE network, a JSON port of XACML 3.0 is used to enable parties to communicate delegation evidence.
Temporary data storage
In iSHARE, caching is used to optimise API interactions by reducing latency and load on services while ensuring data consistency and security.
Identifier
A Decentralised Identifier (DID) is assigned to legal entities during onboarding in compliance with the iSHARE framework using the did:ishare method.
Time Format
All dates and times in iSHARE must be communicated in UTC and formatted as Unix timestamps.
Cryptographic protocol
In iSHARE, X.509 certificates are used for secure identity verification, authentication, and encryption.