Policies and Contracts play an important role in determining which partner may have access to which data and for how long. This article will help you to set up and define policies in Dataspace OS.
There are two basic types of policies:
Usage Policy - A usage policy outlines the rules and guidelines users must follow when accessing and interacting with assets, including restrictions on usage, data handling, and prohibited activities, to ensure safe, fair, and lawful use.
Access Policy - An access policy defines which business partner can access the service, what assets they can access, and under what conditions, ensuring secure and controlled entry based on user roles, permissions, and authentication requirements.
Usage policies and access policies are building blocks for contracts. Contracts in total define the terms and conditions under which partners may access and utilize assets, ensuring compliance with legal, security, and operational standards.
For more information, see What are Policies? and What is a Contract?.
You can also define Custom Policies, which may contain more specific and complex rules.
NOTICE
Contractual obligations outside of Dataspace OS
Policies and contracts are an important element of the data chain, data security and compliance with other contractual requirements.
Ensure that policies and contracts comply with the requirements that may exist outside of Catena-X Dataspace OS with your company and partners.
NOTICE
Policies are not editable
Policies can no longer be edited once they have been created.
If you find that a policy has been set up incorrectly, you must delete the affected policy and then set it up again correctly.
Requires Eclipse Dataspace Connector (EDC)
Policies are part of every EDC. To define a policy, you need an existing EDC (see Add an Eclipse Dataspace Connector (EDC)).
Step 1 - Policies View
From the menu, select Components.
Select the Eclipse Dataspace Connector to which you want to add a policy.
From the menu, select Policies.
This view allows you to search, add, edit, and remove policies, while displaying details such as policy type, name and creation date.
Step 2 - Add new Usage Policy Definition
A usage policy establishes the rules and guidelines that users must adhere to when accessing and interacting with assets, detailing usage restrictions, data handling procedures, and prohibited activities. An usage policy aims to ensure that resources are used safely, fairly, and in compliance with legal requirements, providing a framework that supports responsible, ethical, and lawful behavior while protecting organizational integrity.
Navigate to Components then select the EDC, where you want to add policies.
From the menu select Policies.
Select Add policy definition.
The new policy definition is set up in the dialog.From Policy type select Usage policy.
Select a framework agreement that reflects your desired use case for this policy (see table below). Multiple selections are possible.
Data can only be viewed or used by participants who have agreed to the selected agreements.Set a time limit for the policy.
InForce (Fixed) - Sets a time limit, specified by Date from until Date to.
InForce (Duration) - Sets a time limit, by Duration in Days.
Enter a meaningful policy name.
Select Save.
NOTICE
Data protection
If no time limit is set, the policy is valid indefinitely.
It is recommended that you always specify a target limit.
Agreement Types for Usage Policies
Agreement Type | Description |
Framework agreement (pcf) |
|
Framework agreement (traceability) |
|
Framework agreement (puris) |
|
Framework agreement (demand capacity) |
|
Framework agreement (data exchange governance credential) |
|
Framework agreement (quality) |
|
Framework agreement (behavioraltwin) |
|
Framework agreement (circularEconomy) |
|
Framework agreement (business partner) |
|
Step 3 - Add new Access Policy Definition
An access policy defines which groups and/or business partners are allowed to access a service. It ensures secure and controlled access by setting clear requirements for user roles, permissions, and authentication.
Navigate to Components, then select the EDC, where you want to add policies.
Select Add policy definition.
The new policy definition is set up in the dialog.From Policy type, select Access policy.
Select participants to whom this policy should grant access. Multiple selections are possible.
Membership - Members of the group "Membership".
Dismantler - Members of the group "Dismantler".
Business policy group (BPN) - Select one or more business partner numbers (BPN) from the list.
Enter a meaningful policy name.
Select Save.
NOTICE
Data protection
If no participant is set, the policy is valid for all participants of the Catena-X network.
It is recommended that you always specify participants.
Optional - Define Custom Policies
Defining custom policies is useful if you need even more rules and more complexity for your policies.
NOTICE
Data protection
Incorrectly configured policies can result in serious side effects and data loss.
Defining custom policies requires extensive knowledge about TractusX-EDC Policies and ODRL Information Model.
It is recommended to use the TractusX-EDC Policy Playouground to create custom policy definitions.
Navigate to Components, then select the EDC, where you want to add policies.
Select Add policy definition.
The new policy definition is set up in the dialog.From Policy type, select Custom policy.
Fill in the field with valid policy data.
Select Save.
Next Steps
After defining policies, you are now able to use the data sharing assistance like Get Data or Share Data.