The Gaia-X European Association for Data and Cloud AISBL (french: association sans but lucrative) is a non-profit association that represents the members of Gaia-X and promotes international cooperation. It is developing the legal framework of Gaia-X and ensures the availability of necessary services.
Accreditation is the third-party attestation related to a Conformity Assessment Body conveying formal demonstration of its competence to carry out specific Conformity Assessment tasks.
Architecture of Standards
The Architecture of Standards (AoS) document defines a target for Gaia-X by analysing and integrating already existing standards for data, sovereignty and infrastructure components and specifying which standards are supported.
Architecture Principles define the underlying guidelines for the use and deployment of all IT resources and assets across the initiative. They reflect a level of consensus among the various elements of the initiative and form the basis for making future IT decisions.
Element used to compose the Service Offering, which does not expose an endpoint.
A natural or legal person who is in legal possession of the Asset and is responsible to set policy rules on the Asset.
A Catalogue is an instance of the Federation Service Federated Catalogue and presents a list of available Service Offerings. Catalogues are the main building blocks for the publication and discovery by a Participant’s of Service Offering’s Self-Descriptions.
The provision by an independent body of written assurance that the Participants, Assets, Resources in question meet specific requirements.
An assertion made about a subject within Gaia-X.
Compatibility is defined according to ISO/IEC 25010:2011 as the degree to which a product, system or component can exchange information with other products, systems or components, and/or perform its required functions, while sharing the same hardware or software environment
Compliance refers to the accordance with Gaia-X Rules.
Compliance (Federation Service)
Compliance is a Gaia-X Federation Service. It provides mechanisms to ensure that Participants and Service Offerings in a Gaia-X Ecosystem comply with the Compliance framework defined by Gaia-X, e.g., in the Policy Rules.
Gaia-X promotes and supports an open source software community in which everyone can participate. The community – consisting of users and providers – works together on defined open work packages.
Conformity assessment is the demonstration that specified requirements relating to a product, process, service, person, system or body are fulfilled.
A Consumer is a Participant who consumes a Service Instance in the Gaia-X ecosystem to enable digital offerings for End-Users. Note: A Gaia-X Consumer will act as a Cloud Service Customer (CSC) of the relevant Provider but will probably also be offering cloud and/or edge services and thus acting as a Cloud Service Provider (CSP) in their own right to the customers and partners of their own business. The latter are considered End-Users from a Gaia-X perspective.
A Consumer Policy is a Policy in a technical sense that describes a Consumer’s restriction of their requested Assets and Resources.
Continuous Automated Monitoring
Process that automatically gathers and assesses information about the compliance of Gaia-X services, with regard to the Gaia-X Policy Rules and Architecture of Standards.
Contract represents the binding legal agreement describing a Service Instance and includes all rights and obligations.
Data Asset is a subclass of Asset and consists of data (also including derived data) in any form and includes the necessary information for data sharing.
Data Infrastructure refers to a federated technical infrastructure, consisting of components and services that make it possible to access data and to store, exchange and use it according to predefined rules.
A Data Ecosystem is a loose set of interacting actors that directly or indirectly consume, produce, or provide data and other related resources.
Data Privacy is defined according to ISO/TS 19299:2015, 3.32 as rights and obligations of individuals and organizations with respect to the collection, use, retention, disclosure and disposal of personal information
Data Exchange Logging Service (DEL)
Data Logging Service is a Federation Service of the category Data Sovereignty Service and provides log messages to trace relevant information about the data exchange transaction.
Data Sovereignty can be defined as a natural person’s or corporate entity’s capability of being entirely self-determined with regard to its data.
Data Sovereignty Service
Data Sovereignty Service is a Gaia-X Federation Service. It enables the sovereign exchange and use of data in a Gaia-X Ecosystem using digital Policies to enforce control of data flow(s) and provide transparency of data usages.
A Data Space is a virtual data integration concept defined as a set of participants and a set of relationships among them, where parti¬cipants provide their data resources and computing services. Data Spaces have following design principles: a) data resides in its sources; b) only semantic integration of data and no common data schema; c) nesting and overlaps are possible; d) spontaneous networking of data, data visiting and coexistence of data are enabled. Within one Data Ecosystem, several Data Spaces can emerge.
DIDComm lets people and software use DIDs to communicate securely and privately over many channels: It works over any transport: HTTP, Bluetooth, SMTP, raw sockets and sneakernet, for example.
The members of the Gaia-X Hubs are organised in several domain-specific working groups on a national level. Each domain is managed by a domain ambassador who coordinates the activities within the respective working group. The domains focus on collecting, analysing and evaluating use cases and defining domain-specific and cross-domain requirements. These form the basis for the growth of data infrastructures.
Digital Ecosystem is the network of developers, providers and users of digital products and services, combined with transparency, broad access and a vibrant process of interchange. Such a system thus serves as a crucial foundation for European growth, digital innovation and new business models.
Digital Sovereignty is the power to make decisions about how digital processes, infrastructures and the movement of data are structured, built and managed.
An Ecosystem is an independent group of participants that directly or indirectly consume, produce, or provide services such as data, storage, computing, network services, including combinations of them.
The Gaia-X Ecosystem consists of all individual ecosystems that use the Gaia-X Architecture and conform to Gaia-X requirements. Several individual ecosystems may exist (e.g., Catena-X), that orchestrate themselves, use the Gaia-X Architecture and may or may not use the Gaia-X Federation Services open-source software.
A natural person or process not being a Principal, using a digital offering from a Consumer. An End-User has an identity within the Consumer context.
Combination of a binding and a network address.
Federated Catalogue is a Gaia-X Federation Service. It enables the discovery and selection of Providers and Service Offerings in a Gaia-X Ecosystem.
Federated Trust Component
A Federation Service component, which ensures trust and trustworthiness between Gaia-X and the interacting Identity System of the Participant. This component guarantees identity proof of the involved Participants to make sure that Gaia-X
Participants are who they claim to be.
A Federation refers to a loose set of interacting actors that directly or indirectly consume, produce, or provide Assets and related Resources. Federations are operational independent to other federations.
Federation Services (FS)
The central Gaia-X Federation Services are needed to start a concrete Gaia-X operation, to establish the Gaia-X ecosystem on this basis and to enable the coordinated provision of Infrastructure Services, Interconnection Services and Dataspace Services.
Federators are selected within the federation and they are in charge of the Federation Services and the Federation which are independent of each other.
There can be one or more Federators per type of Federation Service.
The Gaia-X Ecosystem consists of the entirety of all individual ecosystems that use the Gaia-X Architecture and conform to Gaia-X re¬quirements. Several individual ecosystems may exist that orchestrate themselves, use the Gaia-X Architecture and may or may not use the Gaia-X Federation Services open source software.
One unique attribute used to identify an entity within the Gaia-X context and following Gaia-X format.
The Gaia-X Portal is a Federation Service to support Participants in interacting with central Federation Service functions via a graphical user interface.
GitLab is a web-based DevOps lifecycle tool that provides a Git repository manager providing wiki, issue-tracking and continuous integration and deployment pipeline features, using an open-source license, developed by GitLab Inc.
GitOps is a logical extension of the idea of infrastructure-as-code, which makes it possible to define infrastructure with the help of code, primarily in public clouds. Architecturally, GitOps enables the continuous integration (CI) of an application to be separated from its actual deployment process
The Gaia-X Hubs give users a voice at the national level. They develop ecosystems, bundle national initiatives and are the central contact point for interested parties in the respective country. A Hub focuses on the exchange with other regional Gaia-X Hubs in Europe and worldwide in order to ensure international alignment regarding their activities, the definition of requirements and the identification of regulatory hurdles.
One unique attribute used to identify an entity within the Gaia-X context and following the Gaia-X format.
Identity and Trust is a Gaia-X Federation Service. It ensures Participants in a Gaia-X Ecosystem are who they claim to be and enables identity and access management for Providers and Consumers.
An Identity is a representation of an entity (Participant/Asset/Resource) in the form of one or more attributes that allow the entity to be sufficiently distinguished within context. An identity may have several Identifiers.
An Identity System authenticates/provides additional attributes to the identity of the Gaia-X Principal and forwards this identity to the requestor. A Gaia-X accredited Identity System follows a hybrid approach and consists of both centralized components, like company identity management systems, and decentralized components like Decentralized Identifiers (DIDs).
Information Rights Management
Information Rights Management (IRM) is a sub-type of Digital Rights Management (DRM) used (as one option) for the protection of enterprise data and to ensure usage only by authorised parties and only according to agreed license terms. In Gaia-X this could include technology to restrict access to users within the EU or another jurisdiction after the data has been delivered. Due to cost and complexity, IRM is most likely to be used only on the most valuable or sensitive shared data, or where liability could arise from misuse by the recipient.
An Interconnection is a connection between two or multiple Nodes.
These nodes are usually deployed in different infrastructure domains and owned by different stakeholders, such as customers and/or providers. The Interconnection between the nodes can be seen as a path which exhibits special characteristics, such as latency and bandwidth guarantees, that go beyond the characteristics of a path over the public Internet.
Interoperability is defined according to ISO/IEC 17788:2014.
It means that different information systems, devices and applications (systems) can access, exchange, integrate and use data in a coordinated way within and across organisational, regional and national borders.
Kubernetes, also known as K8s, is an open-source system for automating deployment, scaling, and management of containerized applications.
LCM Engine: Service which belongs to the Portal. During the life cycle management of a Gaia-X service, it acts as the interface between the Portal, the LCM services and the PPR.
A Gaia-X Node is a compute and storage resource. Nodes are generic in the sense that different Services can be deployed on them. Nodes have a known certification level and a geographic location.
Onboarding and Accreditation Workflow (OAW)
The onboarding and accreditation workflow is a Federation Service of the category Compliance and concerns the initial onboarding and accreditation of Gaia-X Participants.
OpenStack is a free, open standard cloud computing platform. It is mostly deployed as infrastructure-as-a-service (IaaS)
A Participant is an entity which is identified, onboarded and has a Gaia-X Self-Description.
A Participant can take on one or multiple of the following roles: Provider, Consumer, Federator.
A statement of objectives, rules, practices or regulations governing the activities of people within a certain context. They are placed in the Federation Service of Compliance.
Statements, rules or assertions that specify the correct or expected behavior of an entity.
In the conceptual model, they appear as attributes in all elements related to Assets and Resources.
A Portal supports the registration of organizations as new participants. This process provides the steps to identify and authorize becoming a participant. Participants can then interact with central Federation Service functions via a graphical user interface.
Portability means that a software can be used in different operating systems. When software with the same functionality is produced for several computing platforms, portability is the key issue for development cost reduction
A participant can take on one or multiple of the following roles: provider, consumer, provider consumer, and federator. Provider and consumer present the core roles that are in a business-to-business relationship while the federator enables their interaction. For each participant a technical account is derived, referred to as Gaia-X User. As an example, if a company becomes a Gaia-X participant, there can be many employees of that company with individual accounts. Actions performed by a User are made on behalf of the participant from which the user is derived.
A Principal is an individual (natural person or a digital representation) which is responsible or authorized to act on behalf of the organization.
Privacy by Design (PBD)
Privacy by Design means that data protection is already considered during the design and development of software and hardware for data processing. By means of user-friendly pre-settings, only data that are necessary for the respective processing purpose are to be collected. This is to limit interference with the protective rights of the users concerned.
Organisation or entity responsible for making a Service/Node available to the Gaia-X ecosystem.
Provider Access Management (Provider AM)
The Service Ordering Process will involve the Consumer and the Provider.
This component is internal to the Provider. The Service Provider will create the Service Instance and will grant access to the Consumer for this component.
The Self-Description Graph contains the information imported from the Self-Descriptions that are known to the Catalogue and have an “active” lifecycle state.
A Resource is an internal building block, not available for order, used to compose Service Offerings. Unlike an Asset, it exposes endpoints.
Prominent attributes of a Resource are the location – physical address, Autonomous System Number, network segment – and the jurisdiction affiliations.
The REST API is the main external interface for users to interact with the Catalogue.
Security by Design (SBD)
Security by Design means that security requirements for software and hardware are already considered during the development phase of a product to prevent later security gaps.
A Self-Description expresses characteristics of an Asset, Resource, Service Offering or Participant and describes properties and Claims and are linked to the Identifier.
A Service Offering is a set of Assets and Resources, which a Provider bundles into an offering. A Service Offering can be nested with one or more other Service Offerings.
Service Composition is the ability for a Service Offering to describe and require presence of functional dependencies. A functional dependency is exposing behaviors in reaction to external actions,matching its requirements and characteristics. In the Gaia-X conceptual model, a Service Offering‘s functional dependencies can be Resources, Assets or other Service Offerings.
A Service Instance is the instantiation of a Service Offering at runtime, strictly bound to a version of a Self- Description. The Service Instance has a unique Identity and can be composed of one or more atomic building blocks which must be identifiable as they are associated with a Service Subscription.
A Service Subscription is an agreement (contract) between a Consumer and a Provider, to allow and regulate the usage of one or more Service Instances. It is related to a specific version of a Service Offering from which it derives the attributes of the Service Instances to be provisioned. The Service Subscription has a distinct lifecycle from the Service Offering and additional attributes and logic.
Software Assets are a form of Assets that consist of non-physical functions, like source-code. A running instance of a Software Asset has a PID and is considered to be a Resource.
Self-Sovereign Identity (SSI) is a term used to describe the digital movement that recognises an individual should own and control their identity without the intervening administrative authorities.
SSI Standards W3C
Self-sovereign identity (SSI) is a term used to describe the digital movement that recognizes an individual should own and control their identity without the intervening administrative authorities.
The Technical Architecture describes the overall concept and its components of how to achieve the goals of Gaia-X. The Technical Committee releases information about the current working status via the Technical Architecture Paper.
Usage Control is a technical mechanism to enforce usage restrictions in the form of Usage Policies after access has been granted. It is concerned with requirements that pertain to future usages (obligations), rather than (e.g., data) access (provisions).
A Usage Policy is a Policy in a technical sense, by which a Provider constraints the Consumer’s use of the Assets and Resources offered.
A Gaia-X Use Case is a potential application for cross-sector or industry-specific innovation, which makes use of and is based on the Gaia-X Federation Services. Various Use Cases from different domains submitted in the Gaia-X Hubs demonstrate the advantages of a data infrastructure. They demonstrate the need as well as the dependencies and the added value of the ecosystem and describe benefits for (cross-)domain exchange supported by Gaia-X. In addition, use cases help to identify domain-specific and cross-domain requirements. These are incorporated into the development of Gaia-X.
A user can be an organization, entity or person, that participates in the Gaia-X ecosystem. In particular, it makes use of Services provided by Gaia-X when connecting their application in the ecosystem.
Anonymous, non-registered entity (natural person, bot, …) Browsing a Gaia-X Catalogue.
Working Groups (WG)
The Working Groups are located within the AISBL’s Technical Committee. They deal with defined tasks. Only members of the AISBL can participate in the Working Groups.
Work Packages (WP)
The open Work Packages deal with defined tasks and follow a similar working mode as the permanent Working Groups. All participants of Gaia-X can contribute to the open work packages. Deliverable of them can be position papers, technical evaluations, whitepapers, proposals etc.