Simplified Data Deletion and Querying in Inrupt’s Version 2.3 Release
Today we announce the general availability of the version 2.3 release of Inrupt’s Enterprise Solid Server (ESS).
Version 2.3 formally serves as the first distribution of ESS to include our new Wallet APIs, having previewed them in beta after the July announcement of Inrupt’s Data Wallet. The full announcement is available in our blog post.
The release also extends the operational capabilities of ESS. New capabilities simplify data deletion requests so organizations can efficiently delete a user’s data and remain compliant with policies and legislation. In addition, ESS now has enhanced error reporting and diagnostic capabilities, making it easier for operators to maintain their deployment of ESS and quickly diagnose any problems.
For application developers, version 2.3 introduces new APIs for efficiently processing and querying Access Requests and Access Grants (ARs/AGs). These capabilities make it easier for developers to efficiently build access control capabilities that scale.
Wallet APIs
Inrupt’s Wallet API Service is a simple and convenient API that abstracts the underlying Solid protocol to simplify building wallets out of the box. This API exposes commonly-used wallet functions so that any application can easily leverage the underlying wallet capabilities, making it possible to introduce wallet capabilities into existing applications. The Wallet API provides capabilities for:
- Sign-up and provisioning a wallet (a Pod) within the ESS service
- Creating, reading, updating, and deleting resources stored in the wallet
- Managing Access Requests and Access Grants (consent) for data in the wallet
- Requesting access to data on wallets
Operational efficiencies
Data Deletion Capabilities
Version 2.3 builds on the mission-critical foundation of the previous release and adds new capabilities that simplify the process of managing data subject deletion requests (sometimes referred to as the “right to erasure” in a GDPR context).
Solid naturally assists organizations in regulation compliance by providing user-centric storage for an Active Wallet through our Enterprise Solid Server. Storing data in this manner makes it easier for organizations to understand and manage data in accordance with GDPR, CCPA, and other legal requirements.
The new capabilities of ESS now make it simple for an organization to comply with GDPR and other privacy regulations, simplifying the process of responding to a data subject deletion request. Operational processes can easily be configured to notify ESS that a specific user’s data must be deleted. The system then efficiently processes the deletion request, generating an appropriate audit trail so that compliance officers can be confident that they are meeting their corporate policies and legal objectives.
Moreover, once a deletion request has been submitted for a given individual, the system immediately makes their data inaccessible to all connected systems and services. Operational and compliance teams can be confident that ESS will locate and remove all data it has stored for the given individual, and that no data can be accessed or used inappropriately during the deletion process..
ESS Error Reporting Improvements
Version 2.3 makes operational improvements to the server’s error reporting capabilities, increasing consistency across all services and standardizing the error descriptions the server generates.
Operators of ESS now receive improved error messages with a greater level of detail, making it easier to diagnose problems and maintain an operational service. These improvements include standardized message codes, making it easier to set up notifications for specific error conditions and trigger alerts.
Development efficiencies for querying access controls
Version 2.3 introduces significant improvements for application developers building customer experiences based on Access Request and Access Grants.
ESS provides a simple and powerful mechanism for managing access to data in the form of the Access Requests and Access Grants (ARs/AGs). When data is required, a business, service, or individual can issue an Access Request. An Access Request notifies an individual (a wallet holder) that someone, or something, requires access to their data. Once an individual approves an Access Request, an Access Grant is generated. An Access Grant is a cryptographically secure “key” that permits access to data.
Application developers who need to build customer-facing interfaces for presenting ARs/AGs, or process larger numbers of ARs/AGs as part of managing backend services, need an efficient API for querying and managing these resources. Version 2.3 introduces a new API explicitly focused on performance improvements, and for querying ARs/AGs of a specific type or in a specific state. This makes building applications that manage ARs/AGs easier and more performant.
Solid Movement
Solid continues to inspire organizations and individuals alike. Again and again, it proves to be more than just a protocol, a concept, or a technology. Solid is a movement. As the vital piece of the third layer of the web, Solid will continue to generate exciting deployments and applications around the world.
For a full list of ESS capabilities along with the new v2.3 functionality, visit the Inrupt documentation and release notes.
Want to contribute to the future of Inrupt’s Active Wallet? Join our Wallet Design Partners Program by emailing info@inrupt.com, or learn more here.
