ESS Version 2.7 Enhances Enterprise-Grade Sharing Controls

Executive Summary

ESS 2.7 introduces new capabilities for fine-grained data sharing, enhanced security, and improved operational efficiency. This release empowers businesses and their customers to share data more precisely while maintaining strict privacy controls, improving system performance and scalability, and providing deeper visibility into access management operations.

‍

Major New Features

‍

1. Data Views API - Fine-Grained Data Sharing 

This new API introduces a powerful capability that transforms how organizations deploying Inrupt can share JSON data stored in Data Wallets. The API enables developers to create filtered "views" of data using familiar GraphQL queries, allowing organizations to expose exactly the information needed for specific use cases while keeping sensitive details private. 

How It Works:

• View Definitions: Reusable GraphQL-based filters that define what data to expose (e.g., "show only name and email from contact info")
• View Resources: Automatically generated, read-only resources that display filtered data
• View Containers: Apply filters to entire folders of resources at once
• Automatic Synchronization: When source data changes, all View Resources update automatically - no manual syncing required
• Preview Capability: Test your filters before creating them to ensure they work correctly
  ‍

For Developers

• Rapid Development: Build applications that respect user privacy without changing your organization's existing JSON schemas
• GraphQL Flexibility: Leverage familiar GraphQL syntax for powerful filtering capabilities including:
  
  • Field selection and nested object filtering
  • Numeric comparisons (greater than, less than, ranges)
  • Date range queries
  • Array membership filtering
• Standard Solid Integration: View Resources work seamlessly with existing Access Control Policies, Access Grants, and Notifications
  ‍

Business Benefits

• Privacy-First Sharing: Comply with data privacy regulations (GDPR, CCPA) by sharing only necessary customer information
• Enhanced User Trust: Give customers fine-grained control over what personal data they share, building trust, loyalty, and confidence in your brand
• Faster Time-to-Market: Reduce development time for privacy-aware features by leveraging existing data formats
• Scalability: Automatically handle data updates without manual intervention
  ‍

Real-World Use Case Examples:

• Healthcare: Share patient diagnosis and treatment information with specialists while keeping SSN, billing details, and insurance information private
• Financial Services: Provide transaction summaries showing amounts and categories while hiding account numbers and merchant details
• Government & Public Sector: Access only the citizen data that’s required. Citizens can securely and granularly consent to share personal data such as employment history or gross wages, while protecting more sensitive information around salary or personal ID numbers.
  ‍

For more information, see Data Views API.

‍

2. Enhanced Pruning Architecture - Improved Performance and Scalability

Recognizing that enterprise deployments require predictable performance at scale, ESS 2.7 introduces an enhanced pruning system that fundamentally improves how the system handles deleted resources. The new pruning system processes deletions in smaller, configurable batches across multiple iterations, dramatically reducing system load to improve performance and scalability for organizations managing large customer data volumes.

‍

How It Works:

• Batch Iteration Processing: Prune jobs now work through resources in small batches (default: 100) across multiple iterations (default: 100 iterations, 1000 in Kubernetes)
• Configurable Delays: Delays added between iterations to further reduce system load (default: 20ms)
• Intelligent Continuation: If max iterations is reached, remaining resources are automatically processed in the next scheduled prune job
• Data Views Support: Includes soft-deleted View Definitions and View Bindings in the pruning process
  ‍

For Developers

• Predictable Performance: Smaller batch sizes prevent performance degradation during pruning operations
• Better Observability: Simplified logging with clear message IDs and per-iteration progress tracking
• Fine-Tuned Control: Adjustable iteration counts and delays to match your infrastructure capabilities
• Backward Compatible: All configuration changes work with existing deployments without migration
  ‍

Business Benefits

• Improved System Reliability: Reduced peak load prevents service disruptions during cleanup operations
• Lower Infrastructure Costs: More efficient resource utilization means potentially smaller infrastructure requirements
• Scalability: Handle higher volumes of deletions without system strain
• Operational Flexibility: Schedule pruning more frequently without performance impacts
  ‍

For more information, see Pruning Configuration.

‍

3. Access Grant Metrics - Enhanced Monitoring and Observability

As enterprise scale AI experiences to serve millions of customers, operational visibility becomes critical for maintaining system health and user experience. ESS 2.7 introduces Access Grant Metrics, a new monitoring capability that provides real-time visibility into the lifecycle and state of Access Requests and Access Grants throughout ESS deployments.
‍

How It Works:

• Access Request Tracking: Monitor requests by status (pending, granted, denied, canceled, expired)
• Access Grant Monitoring: Track grants by status (active, expired, revoked)
• Access Denial Counting: Count total denials issued by the system
• Performance Optimization: Metrics are cached with configurable expiration times (default: 300 seconds) for efficient querying
  ‍

For Developers

• Standard Integration: Works with existing Prometheus monitoring infrastructure
• Troubleshooting Aid: Quickly identify access permission issues and bottlenecks
• Performance Insights: Understand access patterns to optimize application behavior
• Customizable Caching: Adjust cache expiration to balance freshness vs. performance
  ‍

Business Benefits

• Operational Visibility: Gain insights into how access management is used across the platform
• Compliance Reporting: Track access patterns for audit and compliance requirements
• Proactive Issue Detection: Identify unusual patterns (spike in denials, expired grants) before they impact users
• Capacity Planning: Understand access management load to plan infrastructure needs
• User Experience Optimization: Identify app improvements that would simplify controls and reduce friction for users

For more information, see Access Grant Metrics.

‍

4. Security Enhancements - Enterprise-Grade Encryption

Security remains paramount in enterprise deployments, particularly as organizations manage increasingly sensitive personal data across distributed systems and agents. ESS v2.7 introduces comprehensive SSL/TLS support for all data in transit between ESS services and external systems (databases and Kafka brokers), plus SASL authentication for Kafka connections.
‍

For Developers:

• Standards-Based: Uses industry-standard SSL/TLS and SASL mechanisms
• Transparent Integration: Services automatically use encrypted connections once configured
• Debugging Support: Clear configuration paths and error messages
  ‍

Business Value:

• Compliance Readiness: Helps meet regulatory requirements for data in transit (HIPAA, PCI-DSS, SOC 2, etc.)
• Risk Mitigation: Eliminate unencrypted connections as potential attack vectors
• Defense in Depth: Multiple layers of security (encryption + authentication)
• Audit Trail: Demonstrate security controls to auditors and stakeholders
  ‍

See Database SSL/TLS Configuration and Kafka SSL Configuration for more information.
‍

Summary of Release Benefits:
‍

For Organizations:

• Enhanced Privacy Controls: Give users unprecedented control over data sharing while maintaining existing data models
• Reduced Operational Costs: Lower storage costs, improved system efficiency, and reduced infrastructure requirements
• Better Compliance Posture: Meet regulatory requirements with fine-grained sharing and encryption
• Improved Scalability: Handle growth while minimizing system strain or performance degradation
• Operational Excellence: Better visibility and monitoring capabilities for proactive management
  ‍

For Developers:

• Faster Feature Development: Build privacy-aware applications with less code
• Modern Tooling: Leverage GraphQL and standard Prometheus metrics
• Flexibility: Extensive configuration options to match your needs
• Reliability: Improved system stability and predictability
• Security by Default: Enterprise-grade encryption without complex configuration
  ‍

Getting Started

For organizations building user-centric data platforms, ESS v2.7 provides the foundation to deliver fine-grained privacy controls, maintain operational excellence, and prepare for the AI-driven applications that will increasingly require secure access to sensitive personal data from consumers.

By combining breakthrough data sharing capabilities with robust system performance, comprehensive observability, and enterprise security, this release enables organizations to deliver compliant, trusted, and differentiated AI experiences for millions of customers. 

ESS v2.7 is available now. To learn more, get in touch with our team today.