A strong data ecosystem and the applications and services that are built on it require the sharing of data. Within companies, processes can be made more efficient through the simple provision of data.
Even between companies, seamless data sharing improves collaboration — for example, along service relationships and supply chains (data portability). While data is shared, data owners must retain sovereignty and control over their data (data sovereignty). For instance, a tax advisor might share a business evaluation with their client and allow further sharing of this data with selected third parties, such as a bank for a business loan application.
In the B2B context, there is a pressing need for automated, occasion-driven, and efficient data exchange between data-providing and data-consuming companies. This can unlock new business relationships and reduce the effort required for individual API solutions. At the same time, issues associated with centralized platforms, such as power concentration, data protection, and loss of data sovereignty — common in social networks — should be avoided.
One approach to making corporate data portable and enabling sovereign data sharing is through the concept of a data intermediary, who mediates between data-providing and data-consuming companies. The research project MANDAT, which was funded by the BMBF and involved DATEV eG, KIT (Dr. Käfer, a member of the Karlsruhe Institute of Technology’s Web Science Research Group), and FAU (Prof. Dr. Harth, Chair of Information Systems, especially Technical Information Systems, at Friedrich-Alexander-Universität Erlangen-Nürnberg), explores methods to exchange corporate data in decentralized intermediary-based data ecosystems on the web.
The MANDAT project focuses on exchanging sensitive business data with large platform companies because of weak data protection laws. Yet, this data must be shared between various parties to provide services — for instance, in tax or legal consulting or in cross-company value chains. We use Solid technology to solve these problems. What is “solid”? Solid (formerly Social Linked Data) is a web technology initiated by Sir Tim Berners-Lee, the inventor of the World Wide Web. By restoring users’ control over their personal data, Solid hopes to fundamentally alter the way data is shared online. The concept is based on decentralized web principles and uses existing Semantic Web and Linked Data technologies.
The current web model, in which businesses frequently control user data, is being challenged by Solid. A key #principle of Solid is the separation of data and applications, based on decentralized principles. This empowers users with greater sovereignty and responsibility over their data, enhancing both privacy and interoperability.
Decentralized Data Management
Data and applications are separated by solid. Users store their data in Solid Pods. Users retain control over their data, and applications only have limited access to it, as opposed to apps or platforms storing it like Facebook and Google do. Pods that are solid (personal online data stores) A Solid Pod is a secure online data store, akin to a data safe, where users can store their data. Data owners control who can access which parts of their Pod, managed through fine-grained permissions. This data can be used by various applications, but the user decides who and what can access it.
Interoperability
Solid Applications access the user’s Solid Pods instead of isolated databases. Because of this, apps can all access the same data if the user allows it, which encourages interoperability. For example, you can use your contacts and files across different social networks or applications without uploading your data multiple times.
Control and privacy of data Users have complete control over their data with Solid. They can decide which parts of their data are accessible to which applications and users. If they want to revoke access to an app or service, they can do so at any time.
Linked Data
Solid is based on the principles of Linked Data and the Semantic Web, which means that data are standardized and connected. This enhances the discoverability and usability of data for people, machines, and applications.
Identities Decentralized Users have a WebID (an authentication and authorization infrastructure) provided by a decentralized identity provider. This identity is not tied to a central platform, making it platform-independent and usable for authentication across various services.
APIs and Protocols
Standardizing interactions between Pods and applications, Solid makes use of existing web standards like HTTP, RESTful APIs, RDF (Resource Description Framework), and WebID. What Does This Mean for Developers?
Developers of Solid apps can focus more on implementing business logic compared to traditional web app development. In Solid, business logic, data, and identities are modularly interconnected through W3C-standardized communication, allowing for reusability.
Solid Pods are hosted by any Pod provider, where users store and manage their data under their WebID. When using a Solid app, users log in via OIDC (an extension of the OAuth 2.0 standard) to their Pod provider, granting the app access to their data. This eliminates the need to manage a separate database. Importing or exporting data does not require individual APIs for external services. Even login interfaces become unnecessary, as the login occurs with the Pod provider. Developers no longer need to build extensive authentication and authorization infrastructures.
For managing data access permissions in Solid Pods, users choose a third-party authorization application. Their WebID profile contains a link to this application’s URI. The Solid app can direct users to the authorization application of their choice when data sharing is required within an application workflow. This also eliminates the need to implement access controls in the Solid app.
Consequently, developers looking to release new apps within a Solid ecosystem can focus more on implementing essential business solutions and delivering them to users faster.
The Potential of Solid
Solid has the potential to simplify and accelerate the development of business solutions while providing an ideal foundation for sharing data within and between companies. By adhering to Solid principles, companies retain control and sovereignty over their data, enabling them to share it easily and on-demand with business partners or customers.