Open-source solution for digital data sovereignty by Martel

Martel Lab is at work to develop an open-source solution for digital data sovereignty to enable user-centric control of security and privacy data policies on data APIs (application programming interface) that will enable the portability of security and privacy data policies and support data sovereignty across different services.

Think of a user that registers some data in platform A. To control who can use this data, the user develops a set of policies and registers them in platform A. If the user moves the data to platform B, most probably the user will have to define again the control access policies for that data also in this platform. Martel experts are at work to develop a flexible Policy Enforcement solution that makes it easier to reuse security policies across different services, that will enable data sovereignty across different services.

Increased trust toward data sharing APIs and platforms 

“Data portability often focuses on the mechanisms to exchange data and the formalisation of data representation: the accent is rarely put on the portability of security & privacy data policies. Enabling security and privacy data policy portability is clearly a step forward in enabling data sovereignty across different services. Anubis (after the name of the ancient Egyptian god) aims at enabling data sovereignty by introducing data privacy and security policy portability and prototyping distributed data privacy and security policy management, thus contributing to increase trust toward data sharing APIs and platforms”, said Dr Federico M. Facca, Chief Technology Officer of Martel and Head of Martel Lab.

Approaches such as the Open-source solution for digital data sovereignty aim at increasing control by owners over their data and portability of data assets and are key to boosting the establishment of trusted data spaces. The outcomes of the project will be released under permissive Open-Source licenses and contributed to the FIWARE community:

• An open standardized security & privacy data policies vocabulary.
• A middleware supporting distributed control and audit of security & privacy data policies by data owners.

Validation of the solution through Martel’s flagship product Orchestra Cities

The developed solution will be integrated with the FIWARE-based smart city platform developed by Martel Innovate: Orchestra Cities. Thanks to its positioning, Orchestra Cities leverage extensions and applications from third parties, thus making it natural for it to share and integrate data from different platforms. Enabling data sovereignty and security policies portability is a more and more fundamental requirement for both public administration and the citizenship, key stakeholders in Martel’s IoT and Smart Cities projects. Thus, supporting an easy and effective way to guarantee data sovereignty in an open and infrastructure agnostic way becomes therefore a key feature for the platform.