Icebreaker One Trust Framework Documentation Technical documentation for the Icebreaker One (IB1) Trust Framework. Contents Introduction to the IB1 Trust Framework Overview and purpose of the guidelines What is the IB1 Trust Framework, how was it made and who is it for? How is the IB1 Trust Framework Structured? Dataset Search Governance Service Project Governance What data can be found and used through Open Net Zero? Open data Shared data Closed data What role does your organisation play in the IB1 Trust ecosystem? Data Providers Data Consumers Service Providers Dual Roles How does dataset access and licensing operate under the IB1 Trust Framework? Types of Access Conditions Creating Access Rules (Introduction) Data Licensing (Introduction) Future development of the guidelines Considerations Before You Start Introduction (Before you start) Considerations for Data Providers Considerations for Data Consumers Core Policies Introduction (Core Policies) Metadata Data Sensitivity Classes Policy details Data Access Conditions Policy details (Data access conditions) Group based access control Use case based access control Prioritisation Data Licensing Creating access rules Associating access rules with capabilities What are licenses and capabilities? How will capability grants work in practice? Obligations accompanying capability grants Why are we proposing this approach? Example access control and capability grant scenarios Risks of license proliferation Is there a risk of licences changing too frequently or without notice? Where are these rules specified? Where are these rules evaluated, and by whom? Service Desk and Notifications Dispute Resolution Guidance for Data Consumers Data Consumer Role and Responsibilities Data Consumer vs Service Provider Responsibility - Data consumption Responsibility - Data licensing Problem Resolution (Data Consumers) Effective resolution of problems (Data Consumers) Dispute resolution for access control and capability grant policies TFGS support Guidance for Data Providers Data Provider Role and Responsibilities Responsibility - Data classification Responsibility - Access and licensing specification Responsibility - Data provision Data formats Responsibility - Data integrity and correctness Responsibility - Metadata provision Responsibility - API availability Responsibility - API stability and change management Data API Requirements Date and time formats Endpoint security Open data endpoints Shared data endpoints Heartbeat and monitoring endpoint API documentation Versioning Problem Resolution (Data Providers) Effective resolution of problems (Data Providers) Online support Ticket management process Dispute resolution for access control and capability grant policies (Data Providers) OEGS support (Data Providers) Change Management Downtime Licensing and access control changes Data API changes Dual running and deprecation API credentials, consent and authorisation Common Security Requirements Applicable standards Discovery of endpoint URLs Token acquisition Token usage - calling a shared data API Request validation Token introspection Introspection response validation active time ranges certificate thumbprint Interaction header Other validation Trust Framework Architecture Data Set Metadata Metadata File Structure Content Block Additional metadata Access Block Transport Block Heartbeat URL Representation Block text/csv Other types Full Example Access Control and Capability Grant Language Syntax Names Rule syntax Conditions Unary clauses Binary clauses Example conditions Specifying multiple conditions Capabilities Standard capabilities Expressing Open Data licenses with capabilities Obligations Standard obligations IB1 Trust Framework Glossary Commercial Data Energy Technology Legal Icebreaker One Trust Framework Operational Other Policy and governance Regulated monopoly Regulatory Research Security Standard Technology Term - multiple uses Unit of measurement Additional Material Membership Search Related Technical Policy Reporting Engagement