Resource Server
Overview
The Resource Server is a key component of the IUDX-Novo data plane and implements the Resource (R) interface described in the high-level architecture.
It provides secure data access through standard REST APIs and functions as the policy enforcement point (PEP) for resource-level access control. All access requests are validated against authorization tokens and applicable policies before data is served.
The Resource Server also integrates logging services to ensure full auditability of data access operations.
Core Responsibilities
The Resource Server is responsible for:
Serving data to authorized Data Consumers
Enforcing access-control policies at the resource level
Validating authorization tokens presented by clients
Recording access logs for auditing and compliance
These responsibilities ensure that data access is secure, traceable, and policy-compliant.
Deployment Modes
Each Resource Server instance can be deployed in one of the following modes, depending on the data access pattern and operational requirements.
1. Data Ingestion Mode
In Data Ingestion Mode, Data Providers push their datasets to the IUDX platform using data adaptors.
Key characteristics:
Suitable for periodic or batch ingestion workflows
Data is stored and managed within the platform
Ideal for datasets that do not require real-time access
This mode enables centralized data hosting and simplifies access management for static or slowly changing datasets.
2. API Gateway Mode
In API Gateway Mode, the Resource Server acts as a proxy gateway and fetches data directly from the Data Provider’s systems in real time.
Key characteristics:
Supports on-demand, real-time data access
Data remains with the Data Provider
The Resource Server enforces policies and forwards validated requests
This mode is suitable for scenarios where data must always be retrieved dynamically from the source system.
Audit and Compliance
All data access requests are logged by the Resource Server
Logs capture token usage, resource identifiers, and access timestamps
These logs support auditing, monitoring, and regulatory compliance
Role in the Platform
Forms the data plane of IUDX-Novo
Integrates with Authorization and Consent services
Ensures secure and governed access to datasets
Last updated