The Dataspace Protocol enables the interaction between participants of a Dataspace.
A Dataspace Authority manages one or more Dataspaces. This will include Participant registration and may entail mandating business and/or technical requirements. For example, a Dataspace Authority may require Participants to obtain some form of business certification. A Dataspace Authority may also impose technical requirements such as support for the technical enforcement of specific usage policies.
A Dataspace Registry or Data Registry Services record dataspace participants.
A Participant is a member of one or more Dataspaces. A Participant registers Participant Agents that perform tasks on its behalf.
A Participant Agent performs tasks such as publishing a Catalog or engaging in a Transfer Process. In order to accomplish these tasks, a Participant Agent may use a verifiable presentation generated from a credential obtained from a third-party Credential Issuer. A Participant Agent may also use an ID token issued by a third-party Identity Provider. Note that a Participant Agent is a logical construct and does not necessarily correspond to a single runtime process.
An Identity Provider is a trust anchor that generates ID tokens used to verify the identity of a Participant Agent. Multiple identity providers may operate in a Dataspace. The types and semantics of ID tokens are not part of this specification. An Identity Provider may be a third-party or a Participant itself (for example, in the case of decentralized identifiers).
A Credential Issuer issues verifiable credentials used by Participant Agents to allow access to Datasets and verify usage control.