The Certification of the International Data Space is of fundamental importance for IDS and one of its core components. Certification in general provides a very high degree of transparency. This transparency is achieved by making the requirements for the auditee and the auditors and the complete certification process available for public. The transparency is also key for the main goal of certification: Trust. Trust is the basis for a successful collaboration between partners, in business as well as in social life. Due to the importance of collaboration for the IDS, certification works as an enabler for business and use cases. Collaboration is the basis for the IDS itself and therefore, it is necessary to establish trust by certification between the partners in IDS.
Certification is providing this trust by ensuring the security for everyone in a transparent way. Security is and will always be relative, but certification defines a standardized level for security related to technical and organizational aspects. The IDS needs this trust through certification. Therefore, IDS Certification is tailormade for the specific IDS context. This IDS Certification is compatible with commonly used security standards like ISO 27001 and IEC 62443, so existing documentations and setups for the achieved certifications can be re-used in IDS. This minimizes the effort during IDS certification process for the organizations involved.
The component certification required for participating in the IDS serves the purpose of proving the trustworthiness of the developed components by evaluating the fulfilment of functional, security-relevant, and procedural requirements. An IDS component can fulfil three different security profiles (Base, Trust, Trust+), and will be indicated at the issued certificate. The certificate is the most important prerequisite for a component being used within the IDS.
The operational environment certification serves the purpose of proving the trustworthiness of the participating organizations by evaluating the fulfilment of several technical and procedural requirements for the operational environment. Also here, there are several security profiles an operational environment can fulfil and will be indicated at the issued certificate. For the organization, the resulting certificate is the most important prerequisite for access to the IDS.
The entire certification process consists of three steps as shown on the leaflet "How to Get IDS Certified?"
- We will consult you on the process and help you find the perfect partner.
- Onboarding session with your Evaluation Facility. You will get your individual audit road map.
- The Evaluation Facility will start the audit process and collaborate with you on collecting all necessary documents and information.
Here you can find more information about the roles involved in the certification process.
You can get more information via IDSA Website If you need more details (on services, costs, or looking forward to initiate the certification process, you can contact IDSA Head Office via email: ([email protected])
IDS Testbed project ensures and facilitates integration of IDS connector into existing (eco)systems.
The IDS Reference Testbed is a set up with Open Source IDS components which can be used to verify that a component:
-
implements the IDS specifications for establishing connections and communication.
-
and, thus, can work interoperable with all IDS components in the testbed setup.
IDS-Testbed documentation includes
- An installation guide with instructions to install the testbed and each individual component
- An interconnectivity guide to connect the different components to one another
- A user guide that explains:
- how you can connect the connector you have developed to the components of the testbed.
- how to get a certificate
- how to register at the DAPS
- etc
Here you can download and install the IDS Testbed.