...
For the controlled provision and consumption of services, Adhering Parties (and specifically, the humans and machines representing them) must be identified, authenticated, and authorized. The tooling necessary for these processes can be implemented by Adhering Parties. Such tooling is expensive, however, and must be constantly updated to keep in check with the latest security standards. To make sure no such tooling needs to be implemented by Adhering Parties before they start providing or consuming services, the iSHARE Trust Framework recognises several certified roles fulfilled by legal entities that offer outsourced identification, authentication, and authorisation tooling to Adhering Parties.
...
Role of the Scheme Owner
he Scheme Owner role is fulfilled by the legal entity that keeps the Framework, and its network of participants, operating properly. How exactly is found under the detailed Operational descriptions.
The Scheme Owner is responsible for admission of the Satellites and the overall maintenance of the iSHARE Trust Framework, including the iSHARE Satellite participants' registry (iSHARE Registry).
Please refer to the detailed Functional descriptions for details on how the Scheme Owner facilitates and federates trust in the iSHARE Trust Framework
Role of the Satellite
A central role in the basic iSHARE Framework is the Satellite. The Satellite role is fulfilled by the legal entity that is responsible for the operational processes and keeps the data space functioning properly. How exactly is found under the detailed Operational descriptions.
The Satellite plays a fundamental role in any iSHARE use case. Every participant of the iSHARE Trust Framework must have a relation with the Satellite, and can check with the Satellite whether other parties participate in iSHARE. These are prerequisites, however, which is why the Satellite does not play a direct role (and is not depicted) in any of the use cases. All participants within the Data Space/iSHARE network will be explicitly linked to the Satellite responsible for their admission.
The Satellite can delegate responsibilities for onboarding, etc to Satellite administrators.
Role of the Satellite Administrator
The Satellite Administrator is responsible for onboarding participants when delegated by the Satellite. The Satellite Administrator validates and checks for compliance - whether a party can be admitted to the Data space/iSHARE network (and whether this is as an Adhering- or Certified Party). When a party is admitted, Satellite Administrator will register the new participant with the Satellite participants' registry and will continue to act as point of contact on behalf of the Satellite for its participants.
Please note that Satellite Administrator does not have an active role in any use cases within the iSHARE network.
Framework and roles in use cases
All of iSHARE's use cases can be depicted in the iSHARE Trust Framework. Their complexity is dependent on:
- The interaction model (Machine to Machine or Human to Machine);
i.e. whether the Service Consumer is represented by a machine or a human. - Whether delegation takes place;
i.e. whether the Service Consumer-role is fulfilled by another entity than the Entitled Party-role. How delegations work exactly is explained here. - Whether parties fulfilling adhering roles use their own tooling for identification, authentication, and authorisation or outsource these processes and the information necessary for these processes to certified roles instead.
...
Note that the only relation mandatory in all use cases is the relation between the Entitled Party and the Service Provider, which establishes the entitlements of the Entitled Party. In the depiction of iSHARE's use cases, all legal relations are shown before the actual interaction is plotted in the framework.