3a - Onboarding of a New Dataspace Participant - Providers (data - application - infrastructure) & Consumers

Full ID:

ONPRO

Description:

To help understand the content of this document, readers should first familiarise themselves with the key definitions and actors, and with the business process introduction, which contains the diagram legend.

The onboarding process for a new Applicant details the tasks and decisions required to onboard a new organisation to a Dataspace. Both Providers and Consumers can apply to a Dataspace and are referred to as (Dataspace) Applicants from here on. Dataspace Applicants are assumed to be organisations, not individual persons. The Applicant Representative, the person or people acting on behalf of the Applicant when applying to the dataspace, is assumed to be a member of the Applicant organisation's directory.

Applicants submit their onboarding requests to the Governance Authority. Upon approval, they set up the Simpl-Agent, a local gateway enabling interaction with the dataspace; installing the Simpl-Agent is therefore a crucial step in onboarding to the dataspace. The Applicant Representative must install and configure the Simpl-Agent. After successful setup, the Applicant receives the necessary security credentials, completing the onboarding process and allowing participation in the dataspace.

The actors involved in this process are the: Governance Authority, Applicant, and Applicant Representative.  

Prerequisites for the business process:

The following prerequisites must be met to enable the process to occur: 

  1. Dataspace description: The document(s) describing the dataspace’s objectives, candidature criteria and requirements applicable to an organisation for onboarding must be developed and made available to a potential applicant (e.g., website publication). 
     

Business Process Diagram & Steps 

This chapter presents a diagram visualizing the business process, labelled with specific steps. Each step is further detailed in the accompanying 'Step Description'. 

Figure 2: Diagram representing the Onboarding of a New Dataspace Participant - Providers (data - application - infrastructure) & Consumers.


Steps Description: 

Below is the description of the steps involved in this business process. Each step outlines the specific actions and decisions required to successfully complete the process:

  1. Prepare & submit onboarding request: This initial step involves the prospective Applicant preparing a comprehensive application to participate in the dataspace, gathering the required information based on the documentation made available by the Governance Authority (see prerequisite 1). After preparing the onboarding request, the Applicant fills in and digitally signs the forms and any other documents that may be mandatory, and submits them to the Governance Authority for review.
  2. Review onboarding request: After receiving the onboarding request, the Governance Authority starts the review process. It verifies the Applicant's onboarding request against a predefined set of criteria and its alignment with the dataspace objectives (see prerequisite 1). The review of the onboarding request can be done either manually or automatically by the Governance Authority.
  3. Request Approved?: As an outcome of the review in step 2, the Governance Authority approves or rejects the request. If the request is approved, the process continues to agent deployment in step 4. If deficiencies are found, the Applicant shall be allowed to address them and restart the process from step 1.
  4. Agent deployment: If the application is approved, the Applicant Representative downloads and installs the minimal set of modules from Simpl-Open that are required to have an operative Simpl-Open agent. The Applicant Representative then deploys and configures the Simpl-Open modules on the Applicant's infrastructure to establish the necessary environment for operation within the dataspace.
  5. Generate public/private keypair: The Applicant's agent generates a public/private key pair to enable encrypted communications and data integrity within the dataspace. The private key is securely stored in the agent and never leaves it. The Applicant Representative shares only the public key with the Governance Authority to request signed security credentials.
  6. Create & sign security credentials: The Governance Authority creates and signs digital security credentials (e.g., X.509 certificates) incorporating the Applicant's public key, so that the credentials can be verified as having been issued to the correct entity.
  7. Send the security credentials: The Governance Authority sends the signed security credentials to the Applicant. The security credentials are essential to ensure secure operations within the dataspace.
  8. Store & install security credentials: The Applicant Representative stores and installs the signed identity security credentials in its Simpl-Open Agent, after which the Applicant Representative sends a verification request for the installed security credentials to the Governance Authority to check whether the secure connection is operational.
  9. Verify security credentials: The Governance Authority verifies the received identity security credentials.
  10. Passed Verification?: As an outcome of the review in step 9, if the Applicant passes the verification check, the process moves to step 13. If the Applicant fails the verification check, the process moves to step 11.
  11. Notify of failure: The Applicant is notified of the failure by the Governance Authority.
  12. Remediate issues: The Applicant is offered the possibility to correct issues or deficiencies discovered by the Governance Authority during the verification process. After the corrections are made, the Applicant can return to step 9 to retry verification.
  13. Notify of a successful verification result: The Applicant is notified of its successful verification and is onboarded onto the dataspace.
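The credential steps 5 to 10 as an added, runnable example (this is not Simpl-Open code and not the Governance Authority's actual issuance process): a throwaway self-signed CA stands in for the Governance Authority, the Applicant's agent generates a key pair and hands over its public key inside a certificate signing request (the CSR is an assumed mechanism; the page only says the public key is shared), the authority issues an X.509 certificate, and the verification step of step 9 checks issuer name, signature, validity period and that the presented certificate is not itself a CA certificate. It assumes the Python `cryptography` package; the organisation name, authority name and validity period are constructed values.

```python
# Added example (not Simpl-Open code). Assumes the `cryptography` package.
from datetime import datetime, timedelta, timezone

from cryptography import x509
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.x509.oid import ExtendedKeyUsageOID, NameOID

VALIDITY_DAYS = 365  # constructed policy value, not a Simpl setting


def _validity(builder):
    """Apply a validity window around 'now'; a small backdate tolerates clock skew."""
    now = datetime.now(timezone.utc)
    return builder.not_valid_before(now - timedelta(minutes=5)).not_valid_after(
        now + timedelta(days=VALIDITY_DAYS))


def governance_authority_ca():
    """Constructed self-signed CA standing in for the Governance Authority."""
    key = ec.generate_private_key(ec.SECP256R1())
    name = x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, "Example Dataspace GA")])
    builder = x509.CertificateBuilder().subject_name(name).issuer_name(name)
    builder = builder.public_key(key.public_key()).serial_number(x509.random_serial_number())
    builder = _validity(builder).add_extension(
        x509.BasicConstraints(ca=True, path_length=0), critical=True)
    return key, builder.sign(key, hashes.SHA256())


def generate_keypair():
    """Step 5: the agent generates its key pair; the private key never leaves it."""
    return ec.generate_private_key(ec.SECP256R1())


def build_request(agent_key, organisation):
    """Step 5: the public key travels inside a CSR signed with the private key,
    which proves the requester actually holds that private key."""
    subject = x509.Name([x509.NameAttribute(NameOID.ORGANIZATION_NAME, organisation)])
    return x509.CertificateSigningRequestBuilder().subject_name(subject).sign(
        agent_key, hashes.SHA256())


def issue_credential(ca_key, ca_cert, csr):
    """Step 6: the authority checks proof of possession, then signs an end-entity cert."""
    if not csr.is_signature_valid:
        raise ValueError("CSR signature invalid: requester does not hold the private key")
    builder = x509.CertificateBuilder().subject_name(csr.subject).issuer_name(ca_cert.subject)
    builder = builder.public_key(csr.public_key()).serial_number(x509.random_serial_number())
    builder = _validity(builder).add_extension(
        x509.BasicConstraints(ca=False, path_length=None), critical=True)
    builder = builder.add_extension(x509.ExtendedKeyUsage(
        [ExtendedKeyUsageOID.CLIENT_AUTH, ExtendedKeyUsageOID.SERVER_AUTH]), critical=False)
    return builder.sign(ca_key, hashes.SHA256())


def _window(cert):
    """Validity bounds as aware UTC datetimes across `cryptography` versions."""
    if hasattr(cert, "not_valid_before_utc"):
        return cert.not_valid_before_utc, cert.not_valid_after_utc
    return (cert.not_valid_before.replace(tzinfo=timezone.utc),
            cert.not_valid_after.replace(tzinfo=timezone.utc))


def verify_credential(ca_cert, cert_pem, at=None):
    """Steps 9-10: accept only a non-CA certificate that the authority itself signed
    and that is inside its validity period. Returns (passed, reason)."""
    cert = x509.load_pem_x509_certificate(cert_pem)
    at = at or datetime.now(timezone.utc)
    if cert.issuer != ca_cert.subject:
        return False, "issuer is not the Governance Authority"
    try:  # the name check above is not enough: only the signature binds it to our key
        ca_cert.public_key().verify(cert.signature, cert.tbs_certificate_bytes,
                                    ec.ECDSA(cert.signature_hash_algorithm))
    except InvalidSignature:
        return False, "signature was not produced by the Governance Authority"
    not_before, not_after = _window(cert)
    if not (not_before <= at <= not_after):
        return False, "outside validity period"
    if cert.extensions.get_extension_for_class(x509.BasicConstraints).value.ca:
        return False, "CA certificate presented as a participant credential"
    return True, "ok"


def run_onboarding_demo():
    """Walk the happy path plus two failure modes; returns the verification results."""
    ca_key, ca_cert = governance_authority_ca()
    agent_key = generate_keypair()
    csr = build_request(agent_key, "Example Applicant Org")  # constructed name
    cert_pem = issue_credential(ca_key, ca_cert, csr).public_bytes(
        serialization.Encoding.PEM)  # steps 7-8: sent to and stored by the Applicant
    _, rogue_ca = governance_authority_ca()  # same name, different key
    expired_at = datetime.now(timezone.utc) + timedelta(days=VALIDITY_DAYS + 1)
    return {
        "genuine": verify_credential(ca_cert, cert_pem),
        "rogue_issuer": verify_credential(rogue_ca, cert_pem),
        "expired": verify_credential(ca_cert, cert_pem, at=expired_at),
    }


if __name__ == "__main__":
    for case, result in run_onboarding_demo().items():
        print(f"{case:13s} -> {result}")
```

The `rogue_issuer` case is the instructive one: the second authority carries the same subject name as the genuine one, so an issuer-name comparison alone would accept its certificates, and only the signature check against the authority's actual public key rejects them. In a deployment the verifying side would additionally check revocation status, which this local example omits.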

Status: 

Proposed

Related to:

Comments

Posted by Luis Carlos BU… on Mon, 25/03/2024 - 14:34

The Description of the high-level requirement should also include provision for the possible withdrawal of participants in Dataspaces

 

Posted by Javier VALIÑO on Tue, 02/07/2024 - 15:12

Looking at the diagram, it seems it is following a centralised approach where the Governance Authority is issuing the security credentials.

Is there a plan to support decentralised approaches such as Verifiable Credentials/DIDs as described by Gaia-X (https://www.gaiax.es/sites/default/files/2023-04/Gaia-X_Architecture_Do… section 4,6)? 

In reply to Javier VALIÑO

Posted by Rick Santbergen on Mon, 15/07/2024 - 14:52

Hi Javier, the credential issued by the Dataspace Governance Authority only has the purpose of implementing a secure mTLS channel of communication between participant Agents (tier 2 agent-to-agent communication), which ensures the highest level of security. Besides that, all operations/functionalities such as signing a service offering, consuming a service offering, signing contracts, and giving consent, etc., will be following the decentralised approach (VC/DID) as described by Gaia-X.

Posted by Mark Dietrich on Thu, 04/07/2024 - 14:06

As discussed in Simpl workshop -- process should reflect organisations' having individuals who are authorized to make an application (able to prove they have the authority), as well as the fact that different individuals will be involved at different points (e.g. the Rector of KU Leuven will not install software).