Mission-critical security in Inrupt’s Version 1.1 release
Since announcing Version 1.0 of our software suite last fall, Inrupt has had the opportunity to implement Solid in mission-critical use cases across the globe. Through our work in industries like media, finance, healthcare, government services, and retail, we’ve learned how to unlock Solid’s unique value for some of the world’s largest organizations and their users. Those lessons have informed Version 1.1 of our software suite, released today.
The Inrupt software suite includes the Enterprise Solid Server, Developer Tools, and PodBrowser. Over the past few months, we’ve been collecting feedback and learning how to best help the developer community and organizations looking to incorporate Solid into their digital strategy. Mission-critical use cases often require safely storing and controlling access to sensitive, regulated, or private data. Accordingly, the V1.1 release places an emphasis on intuitive security functionality to facilitate mission-critical and regulated use cases on Solid.
This article highlights some of the key features of the V1.1 release.
Solid enables end users to share and grant access to data stored on Pods with other users, applications, and organizations. In order to do this securely, a Solid server requires the ability to authenticate and authorize these users, applications, and entities. A Solid server must be able to verify the identities of agents in order to ensure they only access data they have been granted access to.
Therefore, Version 1.1 of the Enterprise Solid Server introduces advanced application management, which allows the Server to identify and evaluate the applications and services making requests. This enables Pod owners and service providers to not only control who has access to data, but also control the applications and services used to access that data.
Just as Solid users have WebIDs, applications can now also have WebIDs. Because these identifiers can be cryptographically verified, the Enterprise Solid Server (ESS) is able to connect access decisions to these identifiers.
Many modern applications and services are event driven. When an event or trigger occurs, the application detects it and takes an appropriate action. Often, these triggers or events correspond to data changing in a datastore. Version 1.1 introduces support for this pattern through notification streams.
Notification streams allow applications to subscribe to changes in a Pod. Any application (so long as it has been authorized) can subscribe to changes and make decisions to respond to those events in real time. This enables secure real-time and event-driven applications to be written using Solid.
Version 1.1 integrates secure sessions into the Enterprise Solid Server and the client libraries. Secure sessions streamline the user experience by tying subsequent requests to a long-lived session between an application and a Solid server. This allows secure applications to function without needing an explicit re-authentication step on every request.
Universal Access Control API
Solid can support different access control models and capability-based security protocols, such as Web Access Controls (WAC) and Access Control Policies (ACP). These access control models provide a wide range of capabilities and interfaces.
A core tenet of Solid is that data, and the interfaces to access it, are interoperable across applications. In order to achieve this tenet and simplify the developer experience, Version 1.1 of the Inrupt Client Libraries introduces the Universal Access Control API. This API serves as an abstraction that enables developers to write code that is interoperable and agnostic to the access control mechanism that a Pod is using. This enables developers to easily build applications that function across different Solid server configurations, regardless of the underlying access control models.
The Next Chapter of the Web
The Version 1.1 release is a major milestone that enables organizations to leverage the power of Solid in mission-critical use cases. It is an important step towards empowering users across the globe with control over how their data is used and allowing organizations to deliver new kinds of value never before thought possible. I am excited to see the innovative services powered by Solid beginning to emerge to the forefront and can’t wait to see what future releases have in store as we work to usher in the next chapter of the web.