Support for Model-Based Data Sovereignty Analysis

By: Sanjeev Sun Shakya, Qusai Ramadan, Julian Flake, Alexander Peikert

Abstract

The rapid growth of data as a commodity has led to the rise of data space ecosystems, emphasizing secure and sovereign data exchange across company borders. The International Data Spaces Reference Architecture Model (IDS-RAM) and Dataspace Protocol represent frameworks designed to enable secure and standardized data sharing across organizations and sectors. As with any traditional system, to ensure compliance with data security and sovereignty requirements, adherence to IDS-RAM and data space protocols must be integrated from the design phase of data space systems. For this, our contributions in this paper are threefold: (i) a mapping from requirements of IDS-RAM and Dataspace Protocol specifications to model-based analysis checks of UMLsec and existing extensions, (ii) two data sovereignty-oriented checks as extensions to UMLsec, namely Usage Control and Transfer Process Protocol, and (iii) an applicability evaluation based on a case study of the European Health Data Space (EHDS).

Keywords

Data Sovereignty, Data Spaces, Reference Architecture, Model-based Analysis, Requirements, UMLsec, CARiSMA.

Cite as:

Sanjeev Sun Shakya, Qusai Ramadan, Julian Flake, Alexander Peikert, “Support for Model-Based Data Sovereignty Analysis”, Journal of Object Technology, Volume 24, no. 2 (May 2025), pp. 2:1-14, doi:10.5381/jot.2025.24.2.a9.