Data sovereignty is a key success factor for data-driven business models. As defined by Usage Control in International Data Spaces, data sovereignty has the goal of providing data providers with full control over their data.
Data Usage Control is known as a conceptual and technical solution to cope with the challenges of data sovereignty. Data Usage Control Technologies aim to enforce usage restrictions and obligations once data access is granted.
MYDATA Control Technologies is developed at Fraunhofer IESE as a technical implementation for Data Usage Control. It offers both businesses and private individuals more transparency and self-determination in the use of their data by intercepting events or data flows and enforcing a security decision based on policies. MYDATA Control Technologies can interpret and enforce its own XML-based policy language.
To support users in specifying their policies in the ODRL policy language and translating it into technology-dependent policy languages, a Policy Administration Point and a Policy Transformation Service have been implemented and are available here.
NOTE: Through our engagement in IDSA activities, we've developed a draft profile that aligns with the IDS Information Model 4.0, accessible here. This effort has resulted in the creation of the ODRL Profile for Data Sovereignty.
The figure below illustrates the concepts defined by the ODRL Profile for Data Sovereignty.
