Agriculture Data Exchange
Use Cases
- Consent manager block enables data request transactions and provides authorization based on data owner’s consent.
- Data consumers in the ecosystem can request for data owners consent to consume data that exists in Krushak Odisha DB for providing services.
- Stores and updates farmer consent for usage of data attributes by requesting party.
Archietecture
Agriculture data exchange is a Data Empowerment And Protection Architecture (DEPA) compliant data fiduciary block that enables farmer consent driven access to data for third-party data requesters.
Guiding design principles
- User Centricity: Users should be at the center of any data sharing and should be given adequate control and decision-making power on how data associated with them is shared
- Trustable and IT Act Compliant: Use digital signatures to guarantee integrity of access permissions given by users in consent flows. This avoids security issues faced by existing approaches and also makes the framework fully legal under the IT Act
- Universal Identity: The technical framework should leverage universal, authenticable, non-repudiable, and digital identities to allow interoperability across service providers.
- Granular Control: The framework should allow users to set permissions and rights for data access at a granular level
- Open Standards Based: The framework should use open technology and legal standards available in the country. It should be agnostic to applications, programming languages, and platform
Agri Data Exchange performs the following :
- Consent manager block enables data request transactions and provides authorization based on data owner’s consent
- Data consumers in the ecosystem can request for data owners consent to consume data that exists in (state agricultural database) for providing services
- Stores and updates farmer consent for usage of data attributes by requesting party
Block functions
- Authentication - Verifies the authenticity of a data consumer
- Consent artifact - A consent artifact is a machine-readable electronic document that specifies the parameters and scope of data that a user consents to in any data-sharing transaction. In this framework, consent must be digitally signed, either by the user or by the consent collector or both
- Authorization (GateKeeper) - Verifies if the Query requested has the required permisions from the data owner (farmer) (checks if query is a subset of Consent Artifact)
- Query Resolver - Verifies Queries and gets data from external sources/ or state databases
- Consent Manager - Creates and Manages the lifecycle of a Consent Artifact. From request, ,generation, and revoke/expiry
- UI for Consent Manager
- UI for User
Consent lifecycle
- Consent Approval - Results in creation of a Consent Artifact
- Consent Revocation - Results in a revoked Consent Artifact
- Data Consumption - Consumer successfully gets data back when sharing a valid consent artifact
- Logging and Notification - All events in the consent flow and data flow must be logged and notified as necessary using Consent Log artifact. A log artifact contains the consent artifact along with information about when and by whom the log was created
Sample Consent Artifact
