From agreement to access: how data is actually transferred in a data space

AI Open Space

From agreement to access: how data is actually transferred in a data space

There's a lot of talk about negotiations, contracts, and policies in data spaces, but what happens after signing the agreement? How does data actually get from provider to consumer? Data transfer is the phase where everything prior materializes, and our data space implements it with a rigorous protocol guaranteeing security, control, and traceability for every byte transferred.

Five states, one controlled flow

Like negotiation, data transfer follows a state machine defined by the IDS protocol:

  • REQUESTED. The consumer requests a transfer against a valid agreement. The system verifies the agreement exists, is verified, is not cancelled, and that the usage policy authorizes the requested action.

  • STARTED. The provider automatically starts the transfer: generates an access endpoint with a temporary authentication token and sends it to the consumer.

  • SUSPENDED. The provider can temporarily suspend access (for maintenance, overload, or any operational reason). The consumer temporarily loses access but the transfer isn't closed.

  • COMPLETED. The consumer marks the transfer as complete when they've obtained all the data they needed.

  • TERMINATED. Either party can terminate the transfer at any time, with a reason code and explanation.

Every state transition is recorded with a timestamp, actor (provider or consumer), and change details, creating a complete auditable history.

Auto-start: from agreement to access in milliseconds

One of the features that distinguishes our data space is automatic transfer startup. When the consumer requests a valid transfer, the provider's system doesn't wait for human intervention: it automatically generates a data address (a URL endpoint protected with a Bearer token) and sends it to the consumer.

This endpoint points to the provider's Data Transfer Module, which serves data according to the dataset configuration and flow type (structured data, files, service, or real-time). The token is valid only for the transfer's duration.

Exhaustive validation before every transfer

Before a single byte moves, the system runs five validations: confirms the agreement exists and belongs to the requesting consumer; verifies the agreement has been validated by both parties; checks it hasn't been cancelled; validates that ODRL permissions include the requested action (use, read); and verifies that temporal or other constraints are met at the time of the request.

If any validation fails, the transfer is rejected with a specific error code. There are no shortcuts or permissive modes.

From transfer to pipeline: reusing received data

A practical innovation of our data space is the ability to convert an active transfer into an internal data source. With a single click (or API call), the consumer can create an internal data connector pointing to the transfer endpoint. This internal source can be immediately used in pipelines, combining data received from the data space with proprietary data, applying transformations or analysis before storage.

This closes the loop between discovery, negotiation, transfer, and processing: a continuous flow from the remote catalog to the consumer's local storage.

Suspension and resumption: granular control

Unlike systems where transfer is all-or-nothing, our data space allows providers to temporarily suspend a transfer without terminating it. This is useful in real scenarios: scheduled data server maintenance, detecting anomalous usage requiring investigation, or simply needing to prioritize resources.

Suspension includes a code and human-readable reasons. The consumer receives the notification and can retry when the transfer resumes. No agreement renegotiation is needed.

Blockchain traceability

When a transfer is associated with a Clearing House-registered agreement, the provider records each completed transfer on blockchain. The record includes the agreement hash, both parties' process identifiers, and a timestamp. This record is immutable and allows proving, in case of dispute, that a specific transfer occurred at a specific time under a specific agreement.

The last mile of shared data

Data transfer is where the promise of a data space becomes tangible reality. Without a robust transfer protocol, everything else (catalogs, negotiations, identity) is just theory. Our data space ensures every transfer is authorized, controlled, traceable, and useful—because data doesn't just reach the consumer: it arrives ready to be processed.