Architecture documentation (arc42)
Business Partner KIT
Business Partner Data Management Application for Golden Record (BPDM)
- Business Partner Data Management Application for Golden Record (BPDM)
- Introduction and Goals
- Architecture Constraints
- System Scope and Context
- Solution Strategy (High Level Picture)
- Building Block View
- Runtime View
- Business Partner Data Records - States
- Deployment View
- Crosscutting Concepts
- Architecture Decisions
- Quality Requirements
- Risks and Technical Debts
- Glossary
Introduction and Goals
This document describes the Catena-X Business Partner Data Management Application, short BPDM.
In the Catena-X Automotive Network, the so-called Golden Record, together with a unique identifier, the Business Partner Number (BPN), creates an efficient solution to the increasing data retention costs.
The Golden Record is a concept that identifies, links and harmonizes identical data on legal entites, sites and addresses from different sources (“sharing members"). During the creation of the Golden Record data, duplicates are removed, the quality within the data records is improved, missing information is added and deviations are automatically corrected. This is done using public, commercial or other agreed sources of trust and/or information. This approach reduces costs of business partner data maintenance and validation for all the companies concerned.
The BPN, as the unique identifier of the Golden Record, can be stored as a verifiable credential used in an SSI solution so that a business partner can provide it for authentication and authorization.
The Golden Record business partner data in combination with the BPN acts as the basis for a range of supplementary value-added services to optimize business partner data management. These are referred to as value-added services. Together with decentralized, self-determined identity management, they create a global, cross-industry standard for business partner data and a possible 360° view of the value chain.
[!NOTE] A Business Partner Data cleaning as well as Golden Record Creation Process is not part of this reference implementation!
Additional Information Material:
- Visit BPDM on the official Catena-X Website: bpdm_catenax_website
Goals Overview
The following goals have been established for this system:
Priority | Goal |
---|---|
1 | Provide unique global business partner IDs within the Catena-X Network |
1 | Provide centralized Master Data Management for business partner data |
2 | Enable network-based data sharing for business partner data to increase overall data quality and reliability |
2 | Enable also Small and medium-sized Businesses (SMEs) to use the services |
3 | Provide a change history für business partner data |
Requirements Overview
[!IMPORTANT] Cross-Check with CACs
The following Usecases together with its requirements exist for this system:
Req-Id | Requirement | Explanation |
---|---|---|
BPDM-R1 | Upload and curate BP data | CX Member can upload their business partner and get curated business partner information back, based on the Golden Record |
BPDM-R2 | Provide changelog for BP | A changelog is provided to determine which changes on which date are available |
BPDM-R3 | Provide GR | Based on the shared business partner information and external service providers a Golden Record is created |
BPDM-R4 | Provide changelog for GR | A changelog is provided to determine which changes on which date are available |
BPDM-R5 | Keep GR up-to-date based on external resources | Golden Records must regularly checked for changes based on external resources |
BPDM-R6 | Provide unique business partner IDs | For each Golden Record a unique ID, the so called Business Partner Number (BPN) is created |
Quality Goals
Priority | Quality Goal | Scenario |
---|---|---|
1 | Security | All users and services which access the Golden Record Application must be authenticated and authorized. Only the Golden Record Application itself is allowed to perform changes on data. Consuming services/users are only allowed to read data. In addition they are only allowed to read the specific data that belongs with this, the Data Sovereignty principles of Catena-X has to be fulfilled |
1 | Integrity | Only the Golden Record Application is allowed to perform changes on the data. In addition, all changes must be traceable and must be able to be rolled back |
1 | Legally | No natural persons are allowed to get uploaded and stored. For all other uploaded Business Partner data it is mandatory that users (CX Members) can only see their own uploaded data and that it is not possible to draw conclusions about other business partner relationships |
1 | Integrity & Correctness | It must be ensured that the data of the golden record which is created during the process is correct. |
2 | Reliability | The Golden Record Application is a central foundation in the Catena-X Network. It provides all participants and services, business partner data and the unique Business Partner Number (BPN) as identifier. Therefore the BPDM Services must be always/highly available |
2 | Functional Stability | Since the Golden Record Application is a central foundation in the Catena-X Network the defined standards of the API and datamodel for the associated Release Version must be fulfilled |
1 | Sensitivity of data | the uploaded business partner data is highly sensitive, that's why it must be ensured that no unauthorized user/system can access data which does not belong to it. More over it must be guaranteed that no one can see the business partners related to the specific Catena-X Member. |
Stakeholders
Role/Name | Expectations | Example |
---|---|---|
Big Company (CX-Member) | Company wants to have cleaned and enriched business partner data objects with a BPN. | |
SME Company (CX-Member) | Company wants to have cleaned and enriched business partner data objects with a BPN based on a CSV data. | |
CX Apps | Other apps and their use cases want to use the business partner data objects and the BPN for their processes | The CX Portal will use the BPN for on-boarding new companies into the network. Traceability Apps will use BPN to describe business partners |
Architecture Constraints
Constraint ID | Constraint | Description |
---|---|---|
C-1 | Software and third party software must be compliant to the Catena-X and Eclipse Foundation Guidelines/Policies eclipse_foundation | |
C-2 | Eclipse Dataspace Connector must be used for data transfer between different legal entities |
System Scope and Context
Business Context
The following figure depicts the business context setup for BPDM:
The following are the various components of the business context setup:
Master Data Management (Catena-X Member)
A backend system that's operated by a company which is participating in the Catena-X Ecosystem and consuming digital services or data assets.
Small-Medium-Enterprises (SME) (Catena-X Member)
A SME company that's participating in the Catena-X Ecosystem and consuming digital services or data assets.
Catena-X Portal/Marketplace (CX Portal)
The Portal which provides an entry point for the Catena-X Members, to discover Apps that are offered in Catena-X.
Value Added Services
- Value Added Services can be provided be either the Operator itself or by an external App/Service Provider. The Value Added Services provide data or service offers based on Catena-X Network data.
- There are several value added services that can be offered in context of business partner data. For example a Fraud Prevention Dashboard/API, Country Risk Scoring and so on.
Catena-X Operative Environment for BPDM
- Within Catena-X there will be only one central operation environment that operates the BPDM Application. This operative environment provides the services and data for other operation environment or applications which needs to consume business partner data or golden record data.
Catena-X BPDM Application
- The BPDM Application which offers services to Catena-X Members, Catena-X Use Cases and Catena-X BPDM Value Added Services for consuming and processing business partner data as well as Golden Record Information and BPN Numbers.
Curation & Enrichment Services
- To offer the BPDM and Golden Record Services, Catena-X uses services from external third party service providers. These can either be operated by the operator itself or external companies that have a contract with the operator.
Technical Context
The technical context setup including deployment is depicted in the following figure:
- The BPDM Application follows a microservice approach to separate the different components of the system.
- Within Catena-X there will be only one central operation environment that operates the BPDM Application. This operation environment provides the services and data for other operation environment or applications which needs to consume business partner data or golden record data.
Solution Strategy (High Level Picture)
The following high level view gives a basic overview about the BPDM Components:
BPDM Gate
- The BPDM Gate provides the interfaces for Catena-X Members to manage their business partner data within Catena-X.
- Based on the network data a Golden Record Proposal is created.
- The BPDM Gate has its own persistence layer in which the business partner data of the Catena-X Members are stored.
- For the current reference implementation, multi-tenancy is realized via a 1:1 deployment for each Catena-X Member. This means that every Catena-X Member who shares his business partner data, has its own Gate and own persistence.
BPDM Pool
- The BPDM Pool is the central instance for business partner data within Catena-X.
- The BPDM Pool provides the interface and persistance for accessing Golden Record Data and the unique Business Partner Number.
- In comparison to the BPDM Gate, there is only one central instance of the BPDM Pool.
BPN Issuer
- Every participant in the Catena-X network shall have a unique Business Partner Number (BPN) according to the concept defined by the Catena-X BPN concept. The task of the BPN Generator is to issue such a BPN for a presented Business Partner data object. In that, the BPN Generator serves as the central issuing authority for BPNs within Catena-X.
- Technically, it constitutes a service that is available as a singleton within the network.
- Currently, creation of BPNs is part of the BPDM Pool implementation. After implementing the BPDM Orchestrator, it can be considered if it should be an independent component.
BPDM Orchestrator
- Intention of the BPDM Orchestrator is to provide a passive component that offers standardized APIs for the BPDM Gate, BPDM Pool and Data Curation and Enrichment Services to orchestrate the process of Golden Record Creation and handling the different states a business partner record can have during this process.
Building Block View
High-Level Architecture (Generic Endpoint)
Simulator Service
- To become more independent in testing the BPDM Application, a Simulator Service was developed.
- The Simulator Services supports the E2E Test Cases to validate the flow from BPDM Gate to BPDM Pool and back again.
EDC Operator
- The diagram above shows two EDCs on Operator side. This is only for visualization purpose. On a technical level there is only one EDC.
SME
- Currently there is no SME Application available
Runtime View
Upsert Generic Business Partner
[!NOTE] An additional endpoint was implemented as requirements came up that required business partner data records not to be fed directly into the golden record process after an upload. Instead, this endpoint makes it possible to change the status of a business partner data record from "inital" to "ready". Only data records with the status "ready" are fed into the golden record process. We are aware that the existing integration scenarios, such as with the portal team, are impacted by this. For this reason, we recommend that the gate is configured accordingly so that the status is set to "ready" by default when a data record is uploaded. The operator can configure this behavior in the gate individually based on the requirements.
Update on Golden Record Change
Business Partner Data Records - States
This sections describes the different states a business partner data record can have.
Automatically executing golden record process
Manually triggering golden record process
Deployment View
Applications Deployment without Kubernetes
Single Application Kubernetes Deployment
Crosscutting Concepts
Authentication & Authorization
Roles, Rights, Permissions
The authorization concept of the golden record process services (BPDM) has evolved. This impacts the permissions of portal users as well as as the creation of technical users in the Portal.
Relevant concepts
The golden record process contains sharing members which need to share their data (input) to the golden record process and read the result of that process (output). The Pool is a central place that offers golden records that have been created from the shared business partner data. Golden records are distinguished between whether they belong to Catena-X members or not.
BPDM Permission Groups
We defined the following relevant permission groups in BPDM:
1.Gate Admin: Create, update and read sharing member business partner input data as well as read the output data of the golden record process.
2.Gate Input Manager: Create, update and read sharing member business partner input data.
3.Gate Input Consumer: Read sharing member business partner input data.
4.Gate Output Consumer: Read sharing member business partner output data.
5.Pool Admin: Read, create and update golden records as well as meta data in the Pool.
6.Pool Cx Member: Read golden records that belong to Catena-X members from the Pool.
7.Pool Sharing Member: Read golden records of Catena-X members and the overall changelog.
8.Orchestrator Admin: Full access to Golden Record Tasks.
9.Orchestrator Task Creator: Create Golden Record Tasks, view task results and status.
10.Orchestrator Clean And Sync Task Processor: Reserve and resolve Golden Record Tasks in step 'Clean And Sync'.
11.Orchestrator Clean Task Processor: Reserve and resolve Golden Record Tasks in step 'Clean'.
12.Orchestrator Pool Task Processor: Reserve and resolve Golden Record Tasks in step 'Pool'.
Permissions
Permissions as client resources
BPDM Pool | BPDM Gate | BPDM Orchestrator |
---|---|---|
• read_partner | • read_input_partner | • create_task |
• write_partner | • write_input_partner | • read_task |
• read_partner_member | • read_input_changelog | • create_reservation_clean |
• read_changelog | • read_output_partner | • create_result_clean |
• read_changelog_member | • read_output_changelog | • create_reservation_cleanAndSync |
• read_metadata | • read_sharing_state | • create_result_cleanAndSync |
• write_metadata | • write_sharing_state | • create_reservation_poolSync |
• read_stats | • create_result_poolSync |
Permissions by permission group
Gate Permission
Admin | Input Manager | Input Consumer | Output Consumer |
---|---|---|---|
All of BPDM Gate | • read_input_partner | • read_input_changelog | • read_output_changelog |
• write_input_partner | • read_input_partner | • read_output_partner | |
• read_input_changelog | • read_input_changelog | • read_output_changelog | |
• read_sharing_state | • read_sharing_state | • read_sharing_state | |
• write_sharing_state | • read_stats | • read_stats | |
• read_stats |
Pool Permission
Admin | Cx Member | Sharing Member |
---|---|---|
All of BPDM Pool | • read_partner_member | • read_partner_member |
• read_changelog_member | • read_changelog_member | |
• read_metadata | • read_metadata | |
• read_changelog |
Orchestrator Permissions
Admin | Task Creator | Clean And Sync Task Processor | Clean Task Processor | Pool Task Processor |
---|---|---|---|---|
All of BPDM Orchestrator | • create_task • read_task | •create_reservation_cleanAndSync • create_result_cleanAndSync | • create_reservation_clean •create_result_clean | • create_reservation_poolSync • create_result_poolSync |
Mapping to Portal user roles for all companies (for all Catena-X members)
BPDM Permission Group | Portal Role |
---|---|
Gate Admin | Service Manager |
Pool Cx Member | CX User |
Technical Users
The golden record service provider needs to be able to generate technical users for each permission group (1 - 8). The technical users for sharing member roles 1 - 4 should be associated with the sharing member's BPNL (So that resulting tokens will have the sharing member's BPNL for authorization purposes). Furthermore, there needs to be one technical user option per Pool and Orchestrator permission group.
Resulting technical users to be creatable in the Portal
For BPDM service
-
Gate BPNLX Admin (for each Sharing Member)
-
Pool Admin
-
Pool Cx Member
-
Pool Sharing Member
For VAS
- Gate BPNLX Consumer: Having both roles 'Gate BPNLX Input Consumer' and 'Gate BPNLX Output Consumer ' (for each Sharing Member)
Companies which have booked the golden record service should not be able to create any technical users for BPDM. Any such feature to create technical users for companies that are not the golden record service provider should be removed.
Demo Configuration
BPDM is configurable to have arbitrary configurations when it comes to redirect URLs and clients. As long as the above requirements are implemented, BPDM can be configured to be compatible with any Portal environment.
Still, for the sake of defining a demo configuration, here is a proposal:
Clients:
BPDM Pool
BPDM Gate
BPDM Pool
Valid Origin:Click here*
Description: BPDM Pool
BPDM Gate:
Valid Origin: Click here*
Description: BPDM Gate
Keycloak Example Configuration
This example configuration includes the roles, clients and client scopes that BPDM currently expects. The actual client IDs are subject to change depending on the name they receive in the Portal Keycloak configuration.CX-Central.json
For more details see: Click here*
EDC Communication
Data Offer Configuration
Communication with BPDM application must be via EDC. The standards for EDC Assets are defined as follows:
An example postman collection for Asset definition you can find here
Verified Credentials
Gate
To enable communication for uploading and downloading from the gate through EDC, it's essential to have a Verifiable Credential stored in the wallet for BPDM Framework Agreement. This credential will be verified during EDC communication. Additionally, the BPN-Verifiable Credential needs to be validated to ensure that only the sharing member has access to its own gate.
Pool
To enable communication for downloading from the pool through EDC, it's essential to have a Verifiable Credential stored in the wallet for BPDM Framework Agreement. This credential will be verified during EDC communication. Additionally, the Membership Credential needs to be validated to ensure that only onboarded catena-x members have access to the pool.
Purposes Additionally each of the purposes need to be checked. You can find them here. All purposes beginning with cx.bpdm.gate and cx.bpdm.pool are relevant.
Keycloak Authentication & Authorization Flow
Business Partner Data Management Standards
Logging Behavior
As Spring Boot applications BPDM employs Spring specific logging behavior
We enhance the default log entries with user request information including the determined user ID and a generated request ID. Not all logs belong to an ongoing user request in which case these entries are empty.
In addition to the Spring standard logs the BPDM applications keep a log of the following events:
- INFO: User requesting resource with resource name and HTTP verb
- INFO: Request HTTP response
- INFO: Update/Create Golden Record Business Partners
- INFO: Creating BPNs
- ERROR: Uncaught exceptions occurring in the service logic
Architecture Decisions
Use a multi gate deployment approach to realize multi-tenancy
- status: accepted
- date: 2023-06-01
- deciders: devs, architects
- consulted: ea, pca
Context and Problem Statement
In BPDM a wide range of CX Member share their business partner data with our system. It must be ensured that each CX Member has only access to its own data. That's why our system must realize some kind of multi-tenancy.
// This is an optional element. Feel free to remove.
Decision Drivers
- in the automotive industry there are requirements and standards like TISAX that high confidential business partner data must be stored in secure manner
Considered Options
- Use one Gate and implement multi-tenancy within the code base and database
- Use multiple Gates so that every member will have its own Gate with database
Decision Outcome
Chosen option: "Use multiple Gates so that every member will have its own Gate with database", because so far its the most easiest and secure way to realize multi-tenancy in context of a reference implementation. It also provides the highest flexibility regarding to possible upcoming requirements. For example perspectively Gates could be deployed in different regions or locations. Also data is stored by default in different databases which gives additional security by default.
//This is an optional element. Feel free to remove.
Consequences
- Good, because easier Identity and Access Management
- Good, because data separation by default
- Good, because better failure tolerance.
- Good, because flexibility in upcoming requirements.
- Bad, because we need a separate deployment and configuration for a new Gate when a new CX Member wants to use BPDM Service. As reference implementation this is fine, for production Usecases these deployments can be automated.
Implications on EDC and Asset Configuration
-
Even if there are multiple BPDM Gate instances there will be only one deployed EDC
-
In fact, new EDC Assets and Configurations must be applied for each new Catena-X Member who subscribes BPDM Application Service
-
In context of reference implementation it is done manually. For operationalization an Operator should automate this.
Implications on SMEs
-
To exchange business partner data accross legal entities and enabling contract negotiation, each SME needs to have its own EDC
-
The EDC itself can be provided as offer by the operator or other "EDC as a Service" Service Provider
Implications on Value-Added-Services
-
Currently it is out-of-scope that BPDM provides a kind of list or routing mechanism about which Gates are available to consume. The team is evaluating the possibility getting this information based on Catena-X Portal registrations.
-
In fact for reference implementation a customer who wants to subscribe a Value Added Services has to provide his Gate/EDC Endpoints
-
The Value Added Services also have to ensure by its own to secure and separate the data of each customer
//This is an optional element. Feel free to remove.
Pros and Cons of the Options
Use one Gate and implement multi-tenancy within the code base and database
- Good, because only one deployment is required
- Good, because better cost saving, because only one database is used
//use "neutral" if the given argument weights neither for good nor bad
- Bad, because higher implementation effort
- Bad, because unknown requirements in data separation. If data must be stored in different databases, all our efforts would be for nothing.
- … //numbers of pros and cons can vary