- ISO/IEC 17000:2004(en)
8.2 Architecture of Standards
The Architecture of Standards (AoS) document defines a target for Gaia-X by analysing and integrating already existing standards for data, sovereignty and infrastructure components and specifying which standards are supported.
- This definition was consolidated from Gaia-X documents
8.3 Architecture Principle
Architecture Principles define the underlying guidelines for the use and deployment of all IT resources and assets across the initiative. They reflect a level of consensus among the various elements of the initiative and form the basis for making future IT decisions.
- Adapted from Togaf V 9.2, 20.2
- Gaia-X Catalogue
- Adapted from ISO: https://www.iso.org/certification.html
An assertion made about a subject within Gaia-X.
Compatibility is defined according to ISO/IEC 25010:2011 as the degree to which a product, system or component can exchange information with other products, systems or components, and/or perform its required functions, while sharing the same hardware or software environment
- ISO/IEC 25010:2011
Compliance refers to the accordance with Gaia-X Rules.
8.9 Compliance (Federation Service)
Compliance is a Gaia-X Federation Service.
8.10 Conformity Assessment
Conformity assessment is the demonstration that specified requirements relating to a product, process, service, person, system or body are fulfilled.
8.11 Conformity Assessment Body
Body that performs Conformity Assessment services.
- DIN EN ISO/IEC 17000
Note: A Gaia-X Consumer will act as a Cloud Service Customer (CSC) of the relevant Provider, but will probably also be offering cloud and/or edge services and thus acting as a Cloud Service Provider (CSP) in their own right to the customers and partners of their own business. The latter are considered End-Users from a Gaia-X perspective.
8.13 Consumer Policy
- Search Policy
8.14 Continuous Automated Monitoring
Process that automatically gathers and assesses information about the compliance of Gaia-X services, with regard to the Gaia-X Policy Rules and Architecture of Standards.
Contract represents the binding legal agreement describing a Service Instance and includes all rights and obligations.
A set of one or more Claims made and asserted by an issuer.
8.17 Data Logging Service
Data Logging Service is a Federation Service of the category Data Sovereignty Service and provides log messages to trace relevant information about the data exchange transaction.
- Federation Services Specification GXFS
8.18 Data Sovereignty Service
Data Sovereignty Service is a Gaia-X Federation Service.
It enables the sovereign exchange and use of data in a Gaia-X Ecosystem using digital Policies to enforce control of data flow(s) and provide transparency of data usages.
8.19 Data Agreement Service
Data Agreement Service is a Federation Service of the category Data Sovereignty Service and considers negotiation of agreements for data exchange.
- Federation Services Specification GXFS
8.20 Data Privacy
Data Privacy is defined according to ISO/TS 19299:2015, 3.32 as rights and obligations of individuals and organizations with respect to the collection, use, retention, disclosure and disposal of personal information
- ISO/TS 19299:2015, 3.32
8.21 Data Resource
8.22 Data Space
A Data Space is a virtual data integration concept defined as a set of participants and a set of relationships among them, where participants provide their data resources and computing services.
Data Spaces have the following design principles:
- data resides in its sources;
- only semantic integration of data and no common data schema;
- nesting and overlaps are possible;
- spontaneous networking of data, data visiting and coexistence of data are enabled.
Within one Data Ecosystem, several Data Spaces can emerge.
Franklin, M., Halevy, A., & Maier, D. (2005). From databases to dataspaces: a new abstraction for information management. ACM Sigmod Record, 34(4), 27-33.
8.23 Digital Rights Management
Digital Rights Management (DRM) is the use of technical means to ensure that the authorised recipient of licensed content is limited to those rights that have been granted under license.
While the term DRM is usually associated with the protection of high-value media such as movies and television delivered to consumers, the subtype Information Rights Management is sometimes used to ensure correct usage of enterprise data.
DRM of all kinds usually involves the delivery of content in an encrypted form that requires both authorised/certified client software and a valid license to access.
The receiver is then able to access the content through the unlocked client which can enforce any required restrictions.
8.24 Digital Sovereignty
Digital Sovereignty is the power to make decisions about how digital processes, infrastructures and the movement of data are structured, built and managed.
- Gaia-X, TAD 2020 p.3
An Ecosystem is an independant group of Participants that directly or indirectly consume, produce, or provide services such as data, storage, computing, network services, including combinations of them.
A Gaia-X Ecosystem is an Ecosystem compliant with the Gaia-X rules, which includes and is not limited to the usage of GAIA-X Federation Services.
A natural person or process not being a Principal, using a digital offering from a Participant. Participants manage their relations with End-Users - including identities - outside of the Gaia-X ecosystem scope. End-Users have no credentials within the Gaia-X Ecosystem.
Combination of a binding and a network address.
8.28 Federated Catalogue
8.29 Federated Trust Component
This component guarantees identity proof of the involved Participants to make sure that Gaia-X Participants are who they claim to be.
Federated Trust Model
A Federation refers to a loose set of interacting actors that directly or indirectly consume, produce, or provide resources.
8.31 Federation Services
Federation Services are services required for the operational implementation of a Gaia-X Data Ecosystem.
- Architecture Document 2103
Federators are Gaia-X Participants.
There can be one or more Federators per type of Federation Service.
8.33 Gaia-X Portal
The Gaia-X Portal is a Federation Service to support Participants in interacting with central Federation Service functions via a graphical user interface.
Federation Services Specification GXFS
8.34 Gaia-X AM
Gaia-X internal Access Management component.
8.35 Gaia-X Identifier
One unique attribute used to identify an entity within the Gaia-X context and following the Gaia-X format.
8.36 Identity and Trust
Identity and Trust is a Gaia-X Federation Service.
An identity may have several Identifiers.
- ITU-T Recommendation X1252, Baseline identity management terms and definitions
8.38 Identity System
An Identity System authenticates/provides additional attributes to the identity of the Gaia-X Principal and forwards this identity to the requestor.
A Gaia-X accredited Identity System follows a hybrid approach and consists of both centralized components, like company identity management systems, and decentralized components like Decentralized Identifiers (DIDs).
8.39 Information Rights Management
Information Rights Management (IRM) is a sub-type of Digital Rights Management (DRM) used (as one option) for the protection of enterprise data and to ensure usage only by authorised parties and only according to agreed license terms.
In Gaia-X this could include technology to restrict access to users within the EU or another jurisdiction after the data has been delivered.
Due to cost and complexity, IRM is most likely to be used only on the most valuable or sensitive shared data, or where liability could arise from misuse by the recipient.
8.40 Interconnection & Networking Service
Networking Service – services offered beyond the basic network functions, for example NTP, DNS, etc.
Interconnection Service – is the subclass of network service that runs on top of physical or logical interconnection. These can include best-effort connectivity and also go beyond it ensuring guaranteed bandwidths, lower latency, reliability and elevated security.
Interconnection & Networking service is a service that combines one or multiple services defined above.
Interconnection, rephrasing EU 2002/19/EC directive, refers to the physical or logical connection between two or multiple Nodes that enables the traffic exchange among them. In the context of telecommunications, interconnection can be implemented directly between different stakeholders or through dedicated interconnection points (e.g. IXPs).
The difference to the simple connection is that in case of interconnection we are speaking of a connectivity that involves several parties at once. It allows unification of interconnected parties into digital ecosystems. Moreover, it can exhibit special characteristics, such as latency and bandwidth guarantees, that go beyond the characteristics of a path over the public Internet.
Interoperability is defined according to ISO/IEC 17788:2014 as the ability of two or more systems or applications to exchange information and to mutually use the information that has been exchanged.
- ISO/IEC 17788:2014
8.43 Onboarding and Accreditation Workflow
The onboarding and accreditation workflow is a Federation Service of the category Compliance and concerns the initial onboarding and accreditation of Gaia-X Participants.
- Federation Services Specification GXFS
A Participant is an entity which is identified, onboarded and has a Gaia-X Self-Description.
8.45 Policy (legal)
A statement of objectives, rules, practices or regulations governing the activities of people within a certain context.
- NISTIR 4734 02/01/92: NISTIR 4734
- see Policies in Federation Service Compliance
8.46 Policy (technical)
Statements, rules or assertions that specify the correct or expected behavior of an entity.
In the conceptual model, they appear as attributes in all elements related to all Resources.
- NIST SP 800-95 Open Grid Services Architecture Glossary of Terms (25 January 2005)
- NISTIR 7621 Rev. 1 NIST SP 800-95 https://csrc.nist.gov/glossary/term/Policy
Portability describes the ability to move data or applications between two different services at a low cost and with minimal disruption.
- adapted from ISO/IEC 19941:2017(en)
A Principal is either a natural person or a digital representation which acts on behalf of a Gaia-X Participant.
Note: The service(s) offered by a Provider are cloud and/or Edge services. Thus, the Provider will typically be acting as a Cloud Service Provider (CSP) to their Consumers.
8.50 Provider Access Management (Provider AM)
This component is internal to the Provider.
The Service Provider will create the Service Instance and will grant access to the Consumer for this component.
- AM Framework Document and Technical Architecture Paper R. June 2020
A Resource is an internal building block, not available for order, used to compose Service Offerings.
Resource Categories include:
Data Resource, which consists of data (which may include derived data) in any form and includes the necessary information for data sharing.
Software Resource, consisting of non-physical functions.
Node, representing a computational or physical entity that hosts, manipulates, or interacts with other computational or physical entities.
Interconnection, which includes details of the connection between two or more Nodes.
Prominent attributes of a Resource are the location - physical address, Autonomous System Number, network segment - and the jurisdiction affiliations.
8.52 Resource Owner
Most Cloud Service Providers will be
Participants with two roles:
Resource Owners and
8.53 Self-Description Graph
The Self-Description Graph contains the information imported from the Self-Descriptions that are known to the Catalogue and have an “active” lifecycle state.
- Federated Catalogue WP
- Gaia-X Self-Description
8.55 Service Composition
Service Composition is the ability for a Service Offering to describe the required presence of functional dependencies.
A functional dependency exposes behaviors related to external actions, which match its requirements and characteristics.
Exemple: A high-availability web server which needs a reverse proxy and two web servers.
8.56 Service Instance
A Service Instance is the instantiation of a Service Offering at runtime, strictly bound to a version of a Self-Description. The Service Instance has a unique Identity and can be composed of one or more atomic building blocks which must be identifiable as they are associated with a Service Subscription.
8.57 Service Offering
A Service Offering can be nested with one or more other Service Offerings.
8.58 Service Subscription
A Service Subscription is an agreement (contract) between a Consumer and a Provider, to allow and regulate the usage of one or more Service Instances. It is related to a specific version of a Service Offering from which it derives the attributes of the Service Instances to be provisioned. The Service Subscription has a distinct lifecycle from the Service Offering and additional attributes and logic.
8.59 Usage Control
Usage Control is a technical mechanism to enforce usage restrictions in the form of Usage Policies after access has been granted. It is concerned with requirements that pertain to future usages (obligations), rather than (e.g., data) access (provisions).
8.60 Usage Policy
- Provider Policy
- according to IDSA: Usage Control in the IDS, IDS RAM 3.0
Anonymous, non-registered entity (natural person, bot, …) browsing a Gaia-X Catalogue.