Interface Architecture

Overview

This section describes the interface-level architecture of the Intelligent Universal Data Exchange (IUDX-Novo) platform. It outlines the core functional interfaces, their responsibilities, and how Data Providers and Data Consumers interact with the system.

The architecture follows a modular and standards-aligned approach, enabling secure, interoperable, and scalable data exchange across domains.

Core Interfaces

The IUDX platform exposes the following core interfaces, which together form the functional backbone of the system:

  • Resource / Data Access (R)

  • Discovery (D)

  • Management (M)

  • Authorization & Access Control (A)

  • Consent (C)

  • Identity

These interfaces collectively enable resource discovery, access control, consent enforcement, and secure data access.

Standards Alignment

  • The Resource (R), Discovery (D), Management (M), and Authorization (A) interfaces are aligned with the IS 18003 Unified Data Exchange (UDEX) BIS Standard, ensuring interoperability and standardized data exchange.

  • The Identity service is implemented using the OpenID Connect (OIDC) protocol.

  • The Consent (C) interface operates through an out-of-band consent mechanism, decoupled from synchronous data access.

Interaction Model

Data Providers

Data Providers interact with the platform primarily through the Management (M) and Consent (C) interfaces to:

  • Maintain and manage resource metadata

  • Define and manage access-control policies

  • Publish, update, and revoke Consent Forms

  • Review and handle Consent Requests from Data Consumers

Data Consumers

Data Consumers typically follow the workflow below:

  1. Use the Discovery (D) interface to identify available resources

  2. Request and obtain Consent using the Consent (C) interface

  3. Request an access token via the Authorization (A) interface

  4. Present the access token to the Resource (R) interface to retrieve data

This sequence ensures that all data access is consent-driven, policy-compliant, and auditable.

High-Level Architecture Diagram (Interface View)

img.png

Figure: High-Level Architecture for IUDX (Interface View) ⚠️ Note: This diagram must be updated for IUDX-Novo.

Interface Responsibilities

Interface
Functionality
Primary Users

Management (M)

Create, update, and delete resource metadata in the Data Explorer. Create, update, and deactivate access-control policies for non-personal datasets.

Data Providers and their Delegates

Consent (C)

Upload Consent Artifacts for a resource, purpose, and Data Principal. Revoke and audit Consent Artifacts using the Consent Validator.

Data Providers, Data Consumers, and Delegates

Discovery (D)

List and search resource metadata in the Data Explorer.

Data Providers, Data Consumers, and Delegates

Authorization (A)

Obtain access tokens from the Authorization Server.

Data Providers, Data Consumers, and Delegates

Resource (R)

Retrieve data for a resource from the Resource Server using a valid access token.

Data Consumers and their Delegates

Identity

Register users, clients, and services with the IUDX platform using standards-based identity protocols.

Data Providers, Data Consumers, and Delegates

Key Architectural Characteristics

  • Standards-compliant interfaces for interoperability

  • Decoupled consent enforcement for privacy preservation

  • Token-based access control for secure data retrieval

  • Clear separation of control plane and data plane

  • Auditability across authorization and consent workflows

PreviousTechnologyNextarchitecture

Last updated