IOTICSpace

An IOTICS data ecosystem is formed of multiple IOTICSpaces. Each party has its own IOTICSpace, which contains one or more Digital Twins. Each IOTICSpace presents its own API.

On this page we will cover:


An introduction to IOTICSpace

In IOTICS, each party has its own IOTICSpace (represented as a circle), which together form a decentralised data ecosystem.

Each IOTICSpace contains one or more Digital Twins (represented as a dot). The twins can publish and exchange data with other Digital Twins in your own or others' IOTICSpaces.

15171517

The owner of an IOTICSpace is in control of all its twins, and therefore of all the data stored and streaming through them. Owners can decide to make their twins visible (or not) and to share data with all, none, or a select number of parties and, by extension, join one or more data ecosystems or consortia.

The formation of IOTICSpaces might look similar to the illustration above where all parties can find and access data from the other parties’ shared twins.

Each IOTICSpace comes fully deployed and set up on the IOTICS Cloud. The ecosystem is built on a decentralized infrastructure, so each IOTICSpace is deployed on its own and data separation is guaranteed. Each IOTICSpace also presents its own API.


Technical components

Each IOTICSpace corresponds to one node called “Host” on the decentralised IOTICS network. The Digital Twins therefore “live” and are stored within the Host.

🚧

IOTICSpace = Host

For the purposes of this guide, we’re using the terms IOTICSpace and Host interchangeably.

Each Host has its own metadata storage database, therefore ensuring separation of metadata and data per IOTICSpace (important for machine-readability) as well as guaranteeing the separation of data by owner across the network.

Each IOTICSpace or Host has:

  1. One Twin of the Host - the Host Twin - controlling access permissions
  2. Multiple Digital Twins, owned and controlled by the owner of the IOTICSpace
  3. Its own API
  4. Its own metadata database
  5. Its own user interface, allowing non-technical users to create and manage Digital Twin Models, Twins and Data Interactions. Your user interface can be accessed at https://{your-space-name}.iotics.space.

When configuring your IOTICSpace, consider the following best practices:

  1. Who owns and controls the data? An IOTICSpace should belong to one and only one party, which owns and controls all the data within it.
  2. Who should have access to the data? And who shouldn’t have? Access to your IOTICSpace can be granted to all, none or select other IOTICSpaces. You can update your IOTICSpace permissions through the Host Twin (see Selective Sharing for Metadata and Data )
  3. If you require more granular access permissions, remember that selective access can also be granted on a Digital Twin level to all, none or select other IOTICSpaces (see Selective Sharing for Metadata and Data )

IOTICSpace access permissions

  • API AllowList

Whether specific User Identities can access the Host through the IOTICS API. This AllowList applies only to the Host Twin, not to other Twins in the Host, and it has to be manually created. It’s important to remember that:

  • The API AllowList is empty by default, which means all the authenticated User DIDs are authorised to talk to the Host.
  • It can contain one or more DIDs. If it contains DID1 and DID2, only DID1 and DID2 are authorised to send requests to the Host.

The API AllowList is configured by updating a specific property within the Host Twin’s Metadata, determined by the Key-Value pair:
KEY = http://data.iotics.com/public#apiAllowList
URI_VALUE = did:iotics:didexample1234abcd

  • Selective Metadata Sharing

Whether a Digital Twin's Metadata can be found and described from other Hosts.
It can be enabled selectively on a twin-by-twin basis.

The Twin's Metadata Sharing setting is configured by updating the Digital Twin's hostMetadataAllowList property.

The Host Twin’s Metadata Sharing setting is configured by updating its hostAllowList property.

The Key-Value pairs used for this purpose are the following:
KEY = http://data.iotics.com/public#hostMetadataAllowList
VALUE_ALL_HOSTS = http://data.iotics.com/public#allHosts
VALUE_NO_HOST = http://data.iotics.com/public#noHost
VALUE_HOST_ID = did:iotics:didexample1234abcd

  • Selective Data Sharing

Whether a Digital Twin's Data can be accessed or not from other Hosts.

It can be enabled selectively on a twin-by-twin basis.

The Twin's Data Sharing setting is configured by updating the Digital Twin's hostAllowList property.
The Host's Data Sharing setting is configured by updating the Host Twin's hostAllowList property.

The Key-Value pairs used for this purpose are the following:
KEY = http://data.iotics.com/public#hostAllowList
VALUE_ALL_HOSTS = http://data.iotics.com/public#allHosts
VALUE_NO_HOST = http://data.iotics.com/public#noHost
VALUE_HOST_ID = did:iotics:otherexample1234abcd

For more information about access permissions, including examples of how to update them, go to:



What's next?