About MYDATA Control Technologies
More and more business models require the exchange and processing of business-critical data. The legislator considers personal data to be particularly worthy of protection. MYDATA Control Technologies (short: MYDATA) offers both business partners and citizens more transparency and self-determination in the use of their data. Many existing technologies do not offer a practical solution to these challenges. They only enable simple yes/no decisions (i.e., "allow access" or "deny access") and do not provide enough flexibility for the definition of complex usage control restrictions (e.g., "allow access, but only in anonymized form", "yes, but delete data after 3 days").
MYDATA closes this gap: data owners can define their individual requirements with regard to data security and privacy, which are then technically enforced by our technology. MYDATA is a software solution for the evaluation, enforcement and management of security and privacy rules. For the technical realization, MYDATA intercepts data flows and offers comprehensive control options. Data in motion can be masked and filtered at a fine-grained level, for example to make it anonymous. The modular, component-based structure of MYDATA allows simple integration into existing systems. It provides a highly scalable cloud service for policy evaluation and management, as well as a Software Development Kit for easy integration into your system.
In the following, you will learn how to integrate and use MYDATA based on our three main product features: Policy Enforcement, Policy Language and Policy Management.
MYDATA Control Enforcement
MYDATA intercepts events or data flows and enforces a security decision based on policies. This process is highly customizable by different kinds of plugins to provide full flexibility for all use cases.
Event Monitoring and Manipulation
MYDATA monitors and manipulates data usages and requests based on the active rule set. This manipulation is done by so-called "Policy Enforcement Points", which can modify the (JSON-serialized) data on the fly. Policy Enforcement Points are highly flexible and customizable. Example modifications could be:
Removing all customer addresses
Anonymizing person names
Coarsening GPS locations
Adding copyright notice to a text
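The four modifications listed above, sketched as an added example that is not part of MYDATA or its SDK: a small rule-driven modifier applied to a JSON event. The event fields, the rule format, the dotted paths (standing in for JsonPath) and all function names are assumptions made for illustration.

```python
import copy
import hashlib
import hmac

# Constructed sample event; field names are illustrative, not a MYDATA schema.
SAMPLE_EVENT = {
    "customer": {"name": "Alice Example", "address": "1 Sample Street",
                 "gps": {"lat": 49.44321, "lon": 7.76891}},
    "text": "Quarterly report",
}

def _locate(doc, path):
    """Return (parent, key) for a dotted path, or None if any step is missing."""
    *parents, leaf = path.split(".")
    node = doc
    for step in parents:
        node = node.get(step) if isinstance(node, dict) else None
        if node is None:
            return None
    return (node, leaf) if isinstance(node, dict) and leaf in node else None

def remove(parent, key, **_):
    del parent[key]

def pseudonymize(parent, key, secret, **_):
    # Keyed HMAC rather than a bare hash: names are guessable, so an unkeyed
    # digest could be matched against a list of candidate names.
    mac = hmac.new(secret, str(parent[key]).encode(), hashlib.sha256)
    parent[key] = "anon-" + mac.hexdigest()[:12]

def coarsen(parent, key, digits, **_):
    parent[key] = round(float(parent[key]), digits)

def append(parent, key, suffix, **_):
    parent[key] = f"{parent[key]} {suffix}"

MODIFIERS = {"remove": remove, "pseudonymize": pseudonymize,
             "coarsen": coarsen, "append": append}

def enforce(event, rules):
    """Apply each (modifier, path, params) rule to a copy of the event."""
    out = copy.deepcopy(event)  # the caller's original is never mutated
    for name, path, params in rules:
        hit = _locate(out, path)
        if hit:  # a field that is absent has nothing to modify
            MODIFIERS[name](*hit, **params)
    return out

RULES = [  # hypothetical rule set, one entry per modification in the list
    ("remove", "customer.address", {}),
    ("pseudonymize", "customer.name", {"secret": b"constructed-demo-key"}),
    ("coarsen", "customer.gps.lat", {"digits": 1}),
    ("coarsen", "customer.gps.lon", {"digits": 1}),
    ("append", "text", {"suffix": "(c) Example Corp"}),
]
```

Calling enforce(SAMPLE_EVENT, RULES) returns a modified copy and leaves the original event unchanged. The keyed digest yields a stable pseudonym, so the same name always maps to the same token; replace the value with a constant if records must not be linkable.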
Execution of Actions
MYDATA executes (compensatory or additional) actions based on the active rule set. This execution is done by so-called "Policy Execution Points", which you can register in our system. Policy Execution Points might, for example:
send e-mail notifications
create log entries
trigger a business process
Connecting to External Information Sources
MYDATA integrates all kinds of information sources, e.g., location data or directory information. This integration is done by so-called "Policy Information Points", which you can register in our system. Policy Information Points can, for example, be used to:
check a user role via LDAP
check the user’s context (e.g., "traveling" or "in the office")
check if the weather is nice in Berlin
MYDATA Control Policies
The MYDATA policy language is designed to express restrictions on data usage. It is an XML-based language, providing the following features:
temporal information based on an event history
policy evaluation based on push (event-triggered) or pull (timer-triggered)
connection to external systems for information retrieval (via PIP plugins)
enforcement by data modification using JsonPath (via PEP modifier plugins)
enforcement by execution of actions (via PXP plugins)
MYDATA Control Management & Evaluation
There are two ways you can interact with our system: via a cloud-based user interface, or via a RESTful web API.
The user interface mainly offers different overviews of the system state, comprehensive user management and a powerful policy editor with extensive specification support.
In order to use MYDATA, you can communicate with our services via REST interfaces. We differentiate two main API endpoints: