Conformance Test Tool (CTT)

What is Conformance Testing?

For any organization aiming to use the iSHARE Framework, meeting its technical and compliance standards is crucial. The Conformance Test Tool (CTT) plays a pivotal role in this process, helping parties verify that their API services are aligned with iSHARE requirements.

Conformance testing is an integral process that ensures each participant’s system adheres to the established standards and protocols of the iSHARE Trust Framework. This testing verifies that systems are correctly implemented according to iSHARE requirements, guaranteeing that all interactions within the network are interoperable and compliant with the framework.

The Importance CTT in the iSHARE Ecosystem

iSHARE Framework is structured around robust common standards, where every participant—whether a Service Provider, Authorization Registry, or Identity Provider—must demonstrate conformance. The CTT is at the heart of this validation process, functioning as an evaluator of technical readiness.

By using the tool, parties can assess their compliance with iSHARE’s API requirements, a critical step before fully joining the network. Passing the CTT signifies that an organization’s API services operate within iSHARE specifications, minimizing the risk of operational failures or security breaches once in production.

What makes the CTT essential, beyond its technical assessments, is its role in preserving trust. For iSHARE Framework, trust between participants is paramount. The tool, by ensuring adherence to shared standards, reinforces the collective reliability and security of the entire ecosystem.

How Does the CTT Work in iSHARE?

The iSHARE Conformance Testing Tool (CTT) is an automated tool designed to verify that participants’ systems meet iSHARE’s compliance standards. The CTT operates through a sequence of test cases tailored to the specific role an organization seeks to fulfill within the network. Each role corresponds to distinct API requirements, meaning that testing isn’t a one-size-fits-all solution. Instead, the tool dynamically adjusts based on the endpoints relevant to the party being tested. For example, Service Providers need to verify that their /token and /capabilities endpoints are functioning within specification, while Authorisation Registries face additional checks for their delegation mechanisms.

Each test case is meticulously designed to cover a range of potential interactions, ensuring that the organisation’s system can handle both routine and edge-case scenarios. For technical users, the CTT provides logs and raw data, allowing for granular examination of the system’s behavior under test conditions. This depth of feedback is especially useful in multi-step test cases where complex interactions are being simulated

Participants can log into the CTT portal to run role specific test cases on their API services. After completing a test run, the CTT provides detailed feedback, including whether the participant has passed or failed the tests. This tool plays a key role in the onboarding process, facilitating the smooth integration of new participants into the network.

Delegation as a Key Component of Testing

Of particular significance in the CTT process is the testing of delegation capabilities, especially for Authorization Registries. Delegations form the core of how access rights are managed and transferred within the iSHARE network. Ensuring that these transfers function properly is essential for maintaining the network’s integrity.

The CTT evaluates an organisation’s ability to correctly respond to delegation requests. A typical test involves verifying that the /delegations endpoint appropriately handles both permit and deny responses, depending on the context of the request.

Reinforcing Trust and Security

The Conformance Test Tool is more than just a technical requirement for joining the iSHARE Trust Framework’s network; it is also a tool for reinforcing trust and security. In an ecosystem as decentralized and interconnected as iSHARE , trust between participants is non-negotiable. When an organization passes the CTT, it’s not merely a green light for technical compliance; it’s an indicator that the organization has the capacity to operate securely within the wider data-sharing ecosystem.

Security breaches, operational failures, and non-compliance issues not only jeopardize the individual organization but can also damage the credibility of the entire ecosystem. Therefore, the CTT acts as a first line of defense, ensuring that only organizations with robust and compliant technical infrastructures can join the production environment.

Ongoing Relevance: Future Proofing Through Continuous Testing

As the iSHARE Framework continues to evolve and new participants bring innovative services into the ecosystem, the need for ongoing validation becomes more critical. The CTT is not a one-time test but an evolving platform that adapts to new technical requirements as the ecosystems expand. This adaptability is crucial for maintaining the relevance and security of the network over time.

For instance, as new services and roles are introduced, the CTT will evolve to incorporate additional test cases, ensuring that every organization—regardless of its function in the network—can be tested against the latest standards. In this way, the CTT future-proofs the ecosystem by maintaining high levels of security and operational integrity as the network grows.

Can the CTT Be Tailored to Specific Data Spaces or Use Cases?

The CTT is designed with adaptability in mind, enabling customisation to suit specific roles within the ecosystem. While the Framework ensures interoperability, the tool can be tailored to address the unique requirements of different applications. This flexibility ensures that the ecosystem can support a wide array of use cases, while still adhering to its essential principles of trust and compliance.

The iSHARE Conformance Test Tool (CTT) is an essential component for ensuring that participants meet the necessary standards required to operate within the ecosystem. By automating the compliance verification process and providing tailored tests for different roles, the CTT facilitates seamless integration and consistent data sharing across the ecosystem. The next steps involve passing the test run for your specific role to ensure your compliance with onboarding requirements in the iSHARE production environment. For further details on utilising the CTT, please refer to the dedicated CTT page in our developer portal.

Conclusion

The Conformance Test Tool (CTT) is a critical safeguard within the iSHARE ecosystem, serving both as a compliance check and as a mechanism for maintaining trust and security across the network. It offers participants a detailed, self-service testing mechanism to ensure their API services align with iSHARE standards.

By simulating real-world interactions and testing key elements such as delegation and token exchanges, the CTT provides assurance that every participant in the network can operate in a secure and compliant manner. As the Framework continues to evolve, the ongoing role of the CTT in validating new services and ensuring adherence to standards will remain vital to the ecosystem’s success.

In short, the CTT not only ensures the smooth onboarding of new participants but also strengthens the very foundation of trusted data-sharing.