Abstract
This thesis explores the implementation of a microservice-based data space, leveragingthe distributed and decentralized nature inherent in such architectures. Data spaces represent a relatively new concept in electronic data sharing among trusted participants,
and while robust reference architectural models exist, real-world implementations are
limited. The primary objective of this thesis is to establish a practical data space implementation using microservices, focusing on secure and sovereign data sharing.
The thesis begins with an in-depth analysis of the International Data Spaces (IDS)
Reference Architecture Model 4.2 (IDS-RAM 4.2) and its components, core participants,
and security principles. This model serves as the foundation for our microservice-based
implementation, which is adapted and realized using Python code. The architecture includes REST APIs to facilitate communication between Data Provider and Data Consumer microservices, ensuring efficient and secure data exchange.
A key aspect of this implementation is the emphasis on data usage policies. These
policies, governed by the data owner, are attached to the shared data and enforced
through Python-based microservices. The thesis details the development and implementation of various data policies, such as interval restricted data usage, location restricted
policy, duration restricted data usage including delete, and others. These policies are
designed to ensure data security and compliance with regulatory standards.
A practical demonstration of the data space is provided through an energy usage
monitoring use case. A Raspberry Pi device, equipped with temperature and humidity
sensors, serves as the Data Provider microservice. It collects real-time data, which is
then consumed by a Data Consumer microservice for analysis. This setup highlights
the practical applicability and benefits of a microservice-based data space in the energy
sector, showcasing how real-time data can be used to optimize energy consumption and
enhance user behavior.
The thesis also addresses the challenges and potential solutions in the implementation of secure and efficient data spaces. Security enhancements, such as logging frameworks, input validation, and the use of environment variables for sensitive data, are
discussed. The implementation also includes measures to handle HTTPS for secure
data transmission and ensure dependencies are regularly updated to protect against
vulnerabilities.
In conclusion, this thesis provides a comprehensive guide to implementing a microservicebased data space, emphasizing data security with utilizing data usage policies. It demonstrates the feasibility and benefits of such an architecture in real-world applications, in
the energy sector and beyond, and contributes to the existing literature by offering
insights into secure and sovereign data sharing.
| Date of Award | 2024 |
|---|---|
| Original language | English (American) |
| Supervisor | Erik Sonnleitner (Supervisor) |