Score matrix
| Test ID | Customer Journey | Test Description | Phase | EDC MVD | Fiware | Simpl Agent |
|---|---|---|---|---|---|---|
| [1.2.1.1] | Participant Onboarding - Evaluation - Self-Assessment | If an onboarding online facility is provided, evaluate the level of customisation required to input participants’ metadata. | Phase 1 Minimal | 2.33 | 3.33 | |
| [1.2.2.1] | Participant Onboarding - Evaluation - Proof Of Identity | Describe how the data space could validate requestors’ real-world identities from national identity providers. | Phase 1 Minimal | 2.4 | 2.6 | |
| [1.3.1.1A] | Participant Onboarding - Certification - Identity And Credentials Issuance - 1.3.1.1A | Prove that the stack uses a credential framework that is compatible with this initiative: Gaia-X | Phase 1 Minimal | 2 | 2 | |
| [1.3.1.1B] | Participant Onboarding - Certification - Identity And Credentials Issuance - 1.3.1.1B | Prove that the stack uses a credential framework that is compatible with this initiative: eIDAS | Phase 1 Extended | N/A | 0 | |
| [1.3.1.1C] | Participant Onboarding - Certification - Identity And Credentials Issuance - 1.3.1.1C | Prove that the stack uses a credential framework that is compatible with this initiative: EBSI | Phase 1 Extended | N/A | 4 | |
| [1.3.1.5] | Participant Onboarding - Certification - Identity And Credentials Issuance | Assess the coverage of a minimally viable credential lifecycle is supported: request (credentials), issuance, validation, renewal, revocation. | Phase 1 Minimal | 2.4 | 3 | |
| [2.1.1.3] | Data Product Publication - Provision - Data Source Endpoint Provisioning | Assess the availability of multiple data planes that support multiple protocols. Refer to D2.1 for an overview of the most used protocols. The higher the coverage, the higher the ranking. | Phase 1 Minimal | 4 | N/A | |
| [2.1.3.1] | Data Product Publication - Provision - Reuse Or Create Usage Control Policies Functions | Assess how Usage Control Policies are deployed. Rank the result by API coverage and ease of use (i.e. avoiding multiple calls with parameter passing) by scoring the following actions 1. Create a new policy 2. Assign a usage policy to a sharing agreement 3. Delete a sharing agreement 4. Delete a usage policy 5. Update existing sharing agreement 6. Update existing usage policy 7. Extend the usage policy language 7. Create new policy enforcement functions | Phase 1 Minimal | 3.125 | 4 | |
| [2.1.3.2] | Data Product Publication - Provision - Reuse Or Create Usage Control Policies Functions | Assess how Usage Control Policies are deployed. Rank the result by GUI coverage and ease of use (i.e. autocompletion, validation, interface to the policy repository is available, etc.) | Phase 1 Minimal | 1 | 0 | |
| [2.1.3.3] | Data Product Publication - Provision - Reuse Or Create Usage Control Policies Functions | If the EMDS usage control repository is available, verify that a new policy can be pushed on it. Rank the result by scoring the publish process, and if security and integrity controls are available (e.g. a review process, …) | Phase 1 Extended | N/A | 4 | |
| [2.1.3.4] | Data Product Publication - Provision - Reuse Or Create Usage Control Policies Functions | Depending on the formalism used to express UCPs, either test a policy that covers two usage policies (OR, and AND), or concatenate two test usage policies. For instance: "Consumer is within the EU" and "Consumer is a Company". | Phase 1 Extended | N/A | 4 | |
| [2.2.1.3] | Data Product Publication - Publication - Data Product Offering Submittal | Assess if the administrative interface of the connector provides overviews of data products, data sharing agreements, available data planes and the status of these assets. | Phase 1 Extended | 3.33 | 4 | |
| [2.2.2.10] | Data Product Publication - Publication - Deploy Config Usage Control Functions | Assess that the policy language is extensible and score the results by flexibility and availability of development and testing facilities for new operators. | Phase 1 Minimal | 3.25 | 3.75 | |
| [2.2.2.1] | Data Product Publication - Publication - Deploy Config Usage Control Functions | Assess the completeness of the administrative interface (either API or GUI) so that it covers the most needed use cases for the deployment of usage policies: upload a new policy, (optional) bind a policy with a custom enforcement function, assign a policy to a sharing agreement, delete a policy, re-use an uploaded policy, persist uploaded policies. | Phase 1 Minimal | 3.17 | 3 | |
| [2.2.2.4] | Data Product Publication - Publication - Deploy Config Usage Control Functions | Expandability assessment: Assess if the system provides an API or libraries to embed custom usage enforcement functions that can be invoked by usage policies. | Phase 1 Minimal | 2.67 | 0 | |
| [2.2.2.5] | Data Product Publication - Publication - Deploy Config Usage Control Functions | Feature assessment: assess that the usage control framework supports external enforcement. | Phase 1 Extended | N/A | 3 | |
| [2.2.2.6] | Data Product Publication - Publication - Deploy Config Usage Control Functions | Assess if the system provides a built-in facility to simulate policies (max score), or if a separate test environment (min score) is required. | Phase 1 Extended | N/A | 0 | |
| [2.2.3.1A] | Data Product Publication - Publication - Publication On Emds Catalogue - 2.2.3.1A | Test the process of catalogue publication for a data product under the following conditions: a new data product is published in the catalogue | Phase 1 Minimal | 4 | 4 | |
| [2.2.3.1B] | Data Product Publication - Publication - Publication On Emds Catalogue - 2.2.3.1B | Test the process of catalogue publication for a data product under the following conditions: an existing data product is published on the catalogue | Phase 1 Minimal | 4 | 4 | |
| [2.2.3.1C] | Data Product Publication - Publication - Publication On Emds Catalogue - 2.2.3.1C | Test the process of catalogue publication for a data product under the following conditions: a new data product cannot be published on the catalogue | Phase 1 Extended | 2 | N/A | |
| [2.2.3.1D] | Data Product Publication - Publication - Publication On Emds Catalogue - 2.2.3.1D | Test the process of catalogue publication for a data product under the following conditions: a data product is de-published. | Phase 1 Minimal | 4 | 4 | |
| [2.2.3.3] | Data Product Publication - Publication - Publication On Emds Catalogue | Assess that a GUI for the functionality to publish a data product offering into the catalogue and discovery tools is available. | Phase 1 Extended | 2 | N/A | |
| [2.2.3.4] | Data Product Publication - Publication - Publication On Emds Catalogue | Feature assessment: catalogue de-publishing or make the catalogue entry private. | Phase 1 Extended | 2 | N/A | |
| [3.1.1.1] | Data Product Survey - Discover - Consult Data Space Catalogue | Assessment: If an Online U/X is natively available, evaluate individual search features. If the Data space catalogue exposes an API, assess the technical debt to integrate it with a data search tool that is representative for EU projects. Criteria are: Open Source, hosted solution or EU-driven project. | Phase 1 Minimal | 2 | 2 | |
| [3.1.1.4] | Data Product Survey - Discover - Consult Data Space Catalogue | Assessment: either the data product specification provides the necessary metadata to report quality, or the catalogue must be extended with an “-AP” profile. Ranks higher in the first case. | Phase 1 Extended | 4 | N/A | |
| [4.2.1.1] | Sharing Agreement - Negotiation - Negotiating Sharing Agreement | Test completeness: Two connectors can negotiate a data sharing agreement that supports a defined minimal state machine (the definition of the minimal state machine must be agreed beforehand). | Phase 1 Minimal | 4 | 1 | |
| [4.2.1.3] | Sharing Agreement - Negotiation - Negotiating Sharing Agreement | Prove that the negotiation can use (one or more of) the following assets and parameters to define a contract: - Claim verification - Usage policy rules - Service Agreements The larger the coverage (i.e. more possibilities), the higher the rank. | Phase 1 Minimal | 2 | 0 | |
| [4.2.1.6] | Sharing Agreement - Negotiation - Negotiating Sharing Agreement | Validate that the data sharing protocol is compatible with channel encryption (e.g. TLS), that a connector authentication has taken place exclusively for the data sharing negotiation. | Phase 1 Minimal | 4 | 0 | |
| [4.2.1.7] | Sharing Agreement - Negotiation - Negotiating Sharing Agreement | Verify that the system outputs logs detailing the sharing agreement process. Rank higher if the logs provide business information under a standard format. | Phase 1 Extended | 4 | N/A | |
| [4.2.3.1] | Sharing Agreement - Negotiation - Refusal Or Registration Of Sharing Agreement | Check whether the negotiation API, or the status messages, or the negotiation logs, are not accessible to entities other than the negotiating participants and the system admin (privileged role). | Phase 1 Minimal | 4 | 0 | |
| [4.2.3.2] | Sharing Agreement - Negotiation - Refusal Or Registration Of Sharing Agreement | Check whether the system provides a observability trace of the sharing agreement (privacy terms of observability are out of scope here). | Phase 1 Minimal | 4 | 0 | |
| [5.1.1.1] | Data Sharing - Data Sharing Request - Request Data Transfer | Coverage test: assess that the API is available and test that a data sharing request is properly covered: - Initiate a data sharing - Retrieve data sharing information and status - Receive data sharing request outcome condition - Retrieve data sharing information of past data sharing actions. The system ranks higher if the API is secured and implements common methods, like REST. | Phase 1 Minimal | 3.25 | 1.75 | |
| [5.1.1.2] | Data Sharing - Data Sharing Request - Request Data Transfer | Coverage test: for each data plane available, test a minimal data sharing and identify possible inconsistencies with the original data product protocol endpoint (e.g., during data querying, we aren’t allowed to send http headers to the data source). | Phase 1 Minimal | 3.28 | 4 | |
| [5.2.1.1] | Data Sharing - Data Sharing Activities - Enforce Usage Control | Test the policies that are supported out of the box. For the policies that are not supported, describe the effort of how to build them, and rank the system consequently (e.g.: create a plugin in a documented environment ranks better than integrating an external function that introduces dependencies and interface maintenance). | Phase 1 Minimal | 0 | 0 |