This part of the iSHARE Trust Framework is considered normative and is therefore compliant with RFC 2119.
This admission process describes the steps that all parties MUST take to be admitted to the iSHARE network. For Certified Parties and Satellites additional steps are required and are described below. The process is the responsibility of, and facilitated by, the Satellite (or the Scheme Owner). The process of onboarding and admission can be delegated to a Satellite administrator.
Admission of prospective ISHARE participant includes:
- A potential Adhering Party wants to start fulfilling one or more adhering role(s) in the network.
- A potential Certified Party wants to start fulfilling one or more certified roles(s) in the network.
- An already Adhering and/or Certified Party wants to expand its current role(s) by one or more role(s) in the network.
Note: prospective participants can start testing at any moment in time before initiating the admission process.
The goal of the admission process is to let prospective participants join the iSHARE Network in a simple and controlled way. A controlled admission process is important to warrant trust in the iSHARE Trust Framework. It provides assurance that all parties signing an accession agreement fulfil the scheme's accession criteria.
To be admitted to the iSHARE network as a full participant (data service provider or consumer), prospective participants need to comply with several criteria*:
- Provide a signed iSHARE accession agreement;
- Provide a valid EORI number (or a valid nationally recognised company identification number based on which EORI can be verified);
- Provide a Qualified Electronic Seal (eSEAL) digital certificate (public key). Currently, any valid eIDAS eSEAL certificate is accepted;
- Provide a successful test report of iSHARE conformance test tool.
* For operational reasons, additional admission criteria MAY apply.
|Valid EORI number
Successful test report of iSHARE conformance test tool
|X (only for Service providers)
|(Not required unless also playing role of Service provider/Certifying party)
|Signed Accession agreement
|X (optional for Entitled Party)
The above table shows the Onboarding/ Admission criteria and the Onboarding parties involved.
X = required.
* The Satellite can delegate onboarding procedures to one/ multiple Satellite administrators.
Several parties have responsibilities and tasks in the admission process:
- The Satellite is responsible for facilitation of the process while safeguarding the integrity and trust of the iSHARE Trust Framework;
- If delegated by a Satellite, the Satellite administrator is responsible for onboarding of participants.
- The Scheme Owner onboards/admits the participants playing the role of a Satellite. The Scheme Owner can also admit other participants in the iSHARE network until further notice.
- The prospective participant is responsible for implementing the guidelines set out in iSHARE, and for showing and maintaining compliance with the relevant admission criteria.
- A representative of the prospective participant registers with a Satellite/Satellite Administrator and provides the Satellite/Satellite Administrator with:
- Primary contact details: name, role, e-mail.
- Description of how they will be using the iSHARE Trust Framework
- A valid EORI number (or other nationally recognised chamber of commerce number which can be verified);
- The Satellite/Scheme Administrator checks whether there are potential impediments that could block the completion of the admission process for the prospective participant:
- E.g. previous exclusions from a Data space/iSHARE network in the recent past;
- The Satellite/Scheme Administrator will facilitate testing and certification of the prospective participant.
- The Satellite/Satellite Administrator may provide testing material and documentation on the test environment: certificates, keys, SDKs, etc.;
- For prospective Certified Parties this will include role-specific non-technical requirements.
- The prospective iSHARE participant formally requests admission to the particular data space or the iSHARE network by providing:
- An iSHARE accession agreement signed by an authorized representative of the prospective participant;
- The eSEAL digital certificate (public key) that will be used;
- iSHARE conformance test tool report and any additional requirements that may be set;
- For a prospective Certified Party: The level of assurance for which the prospective Certified Party wants to be certified, accompanied by a filled in Assessment Framework (and related evidence) to prove that the operational processes of the prospective Certified Party comply with the indicated level of assurance.
- For prospective Certified Parties additional verification may be required.
- The Satellite Administrator verifies the acceptance of the prospective participant's admission request and its conformance with the admission criteria;
- For prospective Adhering Parties the Satellite/Scheme Administrator has 5 working days to verify the acceptance of the prospective participant’s admission request and its conformance with the admission criteria;
- For prospective Certified Parties the Satellite/Scheme Administrator has 30 days to verify the acceptance of the prospective participant's admission request and its conformance with the admission criteria, but aims to respond and soon as possible;
- A legal representative of the Satellite (or Scheme Owner) signs the participant’s iSHARE accession agreement, and communicates the verified acceptance to the new participant;
- The Satellite/Satellite Administrator records the participant’s status within the iSHARE Trust Framework in the participant registry.
Levels of participation
In order to lower initial barriers for participation, a prospective participant may join the iSHARE Trust Framework without meeting all criteria. A possible situation could occur where a party wishes to join iSHARE as a participant, but is not able to meet all technical requirements for data exchange. Instead, the participant will delegate this to an intermediary party (for example, a data hub) that will provide technical data exchange services.
Identity verification level
- Verified according to publicly available trusted resources
The identity of the party can be verified (eg. EORI, or other internationally verifiable source)
- Verified by Satellite/Satellite Administrator
Although this option is not generally recommended, this denotes that the participant is explicitly trusted by the Satellite/Satellite Administrator that recorded the participants admission.
- Legal adherence
- No legal adherence
The Participant is trusted by the Satellite. Note that this indication MAY limit the available options for data sharing for this participant within the iSHARE Trust Framework due to a lower level of legal assurance.
- Full technical compliance
Technical compliance was verified by providing a successful test report of iSHARE certification tool.
- No technical compliance
Technical Compliance has not been verified. Note that this indication WILL limit the available options for data sharing for this participant within the iSHARE Trust Framework, because the participant MUST use another (compliant) participant to handle exchanges on his behalf.