Findings use case Unattended home delivery by controlled and scalable data sharing
Today, the Data Sharing Coalition presents a report on the most important findings of the unattended home delivery use case. In this use case, the implementation effort of Authorisation Registers is reduced by developing a generic secure access hub (‘the Hub’). The Authorisation Register (AR) is used to manage data access policies at a single location in the ecosystem of this use case. This report consists of insights on the context of this use case as well as generic learnings about managing data access policies. It concludes that the generic part of the Hub can be re-used in other contexts.
In this use case, the implementation of Authorisation Registers by Merchants and Logistic Service Providers (LSPs) is simplified by developing a Hub for managing policies
The Chain Never Stops (TCNS) successfully executed a pilot with Dutch retailer Hoogvliet for unattended home delivery. According to TCNS’s data sovereignty principles, the mutual data access must be controlled by the organisations with rights on the data. This control is organised in data access policies and plays an essential role in the unattended home delivery solution. Managing these policies requires organisations (Merchants, LSPs) to adapt their IT systems which results in an implementation barrier. To be able to scale-up the pilot, this barrier must be reduced. This can be realised for Merchants and LSPs through an easy to implement tool for policy management to control who can access their data. Furthermore, such a tool enables Merchants and LSPs to only share parts of the data with relevant organisations thereby adhering to the data sovereignty principles. Supported by the Data Sharing Coalition, TCNS is developing the Hub based on Poort8’s Authorisation Registers to provide this tool. In the coming months, TCNS and Poort8 will pilot the Hub with a Dutch Merchant and LSP.
Generic learnings and generic part of the Hub can be re-used in other contexts
In the development of the Hub, the Data Sharing Coalition identified generic learnings related to data access policies. In general, managing data access policies is essential for realising controlled and scalable data access as it allows to conveniently control who has access to which data. Three common locations for storing policies were identified and analysed: at the Entitled Party, at the Data Provider and at a third party. The suitability of three locations depends on data sharing context of the use case. For the unattended home delivery solution an authorisation register is used for storing policies at a third party.
The generic part of the Hub will be made available open source when finished. This allows other use cases which make use of Authorisation Registers to manage access policies to reuse the design.
More details on the findings can be found in the report, which can be downloaded here.
If you would like to get involved in the use case, connect to TCNS/Poort8 or learn more about managing data access policies, please contact us.