User story for the entitlements enforcement POC

Folks, please find a user story for the POC we are proposing to illustrate automated action based on an ODRL document.  The goal of the POC is to generate an entitlements enforcement system.  The below proposal calls for use of a static policy at this stage, which we would be looking to substitute with pulling in a pre-agreed upon policy from DataBP.


User Story Overview

The strategic user story is comprised of primarily three high level use cases to be built out over the next 2-3 years

*         Replacement of current Open DACS.

*         Extension to support Digital Rights Management

*         Extension to support integration of Third Party/Exchange policies. Exposure of inventory policy store and handling of dynamic policy from third parties/exchanges.



Use Case 1: Replacement of current Open DACS

The current Open DACS offering has been criticized for some time. Re-engineering will address the following pain points:

  *   Lack of key capabilities (for e.g., does not support multiple dimensions)
  *   Not flexible (for e.g., positional locking inflexibility)
  *   Performance limitations (for e.g., Equity Tech considers Open DACS unsuitable for low latency use cases)
  *   Upgrade older technology to state of the art. Vendor offering uses old technology which has its significant limitations especially when positioning the platform for extending to additional use cases in future (for e.g., Digital Rights Management).
  *   Apply the new technology framework to non-Market data use cases (for e..g., Reference data management)



Assumptions:

*         For this use case, DACS will remain the golden source of entitlements and will not be replaced.



Drivers and Benefits of Use Case:

*         Resolve the technological shortcomings of the current open DACS system, improve operational efficiency, and decrease operational risk.

*         Significantly reduce the risk of unintended data use.

  *   Automate entitlements that are currently managed manually.



Details of POC Deliverable

Currently, MDS is undertaking a proof of concept to address the above pain points. The POC includes:

  *   Foundation for Open DACS replacement

*         Support cloud/snap and low latency platforms.

  *   Support dimensions / attributes that are not currently defined, tracked & enforced in our DACS system.
     *   Expand enforcement of  data rights across many dimensions to better align to vendor and exchange contracts (for e.g., User, Data Type, Desk/LOB, Geographic Location, Data Use, Age of data, etc.) Currently, DACS has the ability to track, enforce and report on only a few of these dimensions.
  *   Support other data types (that is, more than market data only; e.g. Ref data) and their associated dimensions/attributes.
  *   Align to distributed, and vendor agnostic platform design



In scope for Delivery:

  *   Replace open DACS with new API to address distributed and vendor agnostic platform strategic requirement
  *   Policy to be static, MDS specific

  *   The entitlements system will have capability to produce reports (exchange, audit, etc.) FOR POC /TESTING PURPOSES ONLY.
  *   The entitlements system will have capability to track and control user entitlements for the extended set of dimensions/attributes and non-Market data types   FOR POC/TESTING PURPOSES ONLY.



Out of scope for Delivery:

  *   DACS replacement will not be addressed as part of the POC.
  *   The re-engineered solution will NOT be used to report any information to exchanges/vendors/auditors for the POC Phase. Audit requirements will be addressed in a later phase.
  *   The new entitlements system will NOT be used to control any real user entitlements; only test users created specifically for this project will have their entitlements managed by this system.


Ilya
________________________________
Ilya Slavin | Executive Director | Market Data Services | J.P. Morgan | T: 718-242-5699 | ilya.slavin@jpmorgan.com<mailto:ilya.slavin@jpmorgan.com>


This message is confidential and subject to terms at: https://www.jpmorgan.com/emaildisclaimer including on confidential, privileged or legal entity information, malicious content and monitoring of electronic messages. If you are not the intended recipient, please delete this message and notify the sender immediately. Any unauthorized use is strictly prohibited.