Merge pull request #22 from Basic-Data-Infrastructure/add-bdi-stack-to-available-components

[DB-47] Document BDI stack
remvee authored Nov 26, 2024
2 parents 014b470 + 2d48582 commit c106f09
Showing 4 changed files with 21 additions and 6 deletions.
2 changes: 2 additions & 0 deletions association-register.md
Expand Up @@ -4,6 +4,8 @@ category: 4. Components
order: 2
---

The [Association Register](https://bdi.gitbook.io/public/reference-architecture/trust-kit/association-register) is defined as a building block of the BDI Architecture Trust Kit.

The Association Register, unlike the Authorization Register, is a register run by a central authority. It maintains the set of trusted participants in a Data Space. For each participant, it stores their current compliance status, the time frame during which that status applies, their endpoint, and a list of Authorization Registers that manage access to the participants. It also contains additional information, including legal details such as agreements.

To interact with an Association Register, clients first need to obtain a token by sending a message containing their ID, among other details, and signing it with their private key. This message is called a Client Assertion. The Association Register will use the supplied ID to look up the client's public key. With the public key, it will verify the signature. If the signature is valid and the client's current status is active, the register will generate a token, store it internally along with an expiration date, and send it to the client.
2 changes: 2 additions & 0 deletions authorization-register.md
Expand Up @@ -4,6 +4,8 @@ category: 4. Components
order: 3
---

The [Authorization Register](https://bdi.gitbook.io/public/reference-architecture/trust-kit/authorisation-oauth-2.0-ar-dm-+-xacml-policies) is defined as a building block of the BDI Architecture Trust Kit.

Within a Data Space, the Authorization Register manages and enforces access control policies. Its core functions revolve around ensuring that data access is granted based on predefined rules and that only authorized participants can access specific data or services.

The Basic Data Infrastructure separates the roles of Service Provider and Authorization Register, but it's possible to implement a service-specific Authorization Register or to integrate the authorization mechanisms in the service (especially when adding BDI functionality to existing services).
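
Review bot: the link text in the added first sentence is "Authorization Register", but the target slug `authorisation-oauth-2.0-ar-dm-+-xacml-policies` reads like a page about one specific OAuth 2.0 / XACML profile rather than the component's definition. The matching sentence in association-register.md links to a page named after the component itself. Please confirm this is the intended landing page, and check that the literal `+` in the path still resolves once the portal renders the Markdown.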
17 changes: 12 additions & 5 deletions available-components.md
Expand Up @@ -8,13 +8,11 @@ order: 1

Several components are available for BDI implementations.

### [FIWARE iSHARE Satellite](https://github.com/FIWARE/ishare-satellite)
### [BDI Stack](https://github.com/Basic-Data-Infrastructure/bdi-stack)

A simple implementation of an iSHARE satellite trust anchor / BDI Association Register.
The BDI Stack contains development and demo tooling and includes docker containers for running an [Assocation Register](assocation-register.md) and [Authorization Register](authorization-register.md) locally.

The FIWARE iSHARE Satellite is based on Python Flask using Gunicorn and runs completely stateless. It is configured with a static configuration file.

_This implementation of the iSHARE Satellite is only meant for testing and demonstration purposes. It is not possible to change participants or trusted CAs in a running instance. It is not recommended to be used in production environments._
## Third party components

### [Poort8 Dataspace Noodle Bar](https://github.com/POORT8/Poort8.Dataspace.NoodleBar)
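
Review bot: the Association Register link in the added BDI Stack paragraph points at `assocation-register.md`, but the file touched in this same commit is `association-register.md`, so the relative link will not resolve; the link text carries the same misspelling ("Assocation Register"). Change it to `[Association Register](association-register.md)`. The other entries on this page carry an explicit italic caveat about production use; if the BDI Stack containers are demo-only, state that the same way rather than leaving it implied by "development and demo tooling". Minor: "docker" should be "Docker" and the new heading should read "Third-party components".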

Expand Down Expand Up @@ -46,3 +44,12 @@ _The Authorization Register code that is in this repository is not a 'production
This is the iSHARE equivalent of a BDI Association Register.

The iSHARE Satellite is an application that safeguards trust in a dataspace. It functions as a register of participants. Participants can call the Satellite API to verify each other. When you verify that a participant is registered in the Satellite, you know that this participant has signed which agreements and the participant is indeed a part of a dataspace, also on a "legal level".

### [FIWARE iSHARE Satellite](https://github.com/FIWARE/ishare-satellite)

A simple implementation of an iSHARE satellite trust anchor / BDI Association Register.

The FIWARE iSHARE Satellite is based on Python Flask using Gunicorn and runs completely stateless. It is configured with a static configuration file.

_This implementation of the iSHARE Satellite is only meant for testing and demonstration purposes. It is not possible to change participants or trusted CAs in a running instance. It is not recommended to be used in production environments._

6 changes: 5 additions & 1 deletion index.md
Expand Up @@ -6,7 +6,11 @@ order: 1

## Overview of BDI

BDI is an architecture that enables services to allow unknown clients to access their APIs if these clients are known to, authenticated by, and authorized by other BDI services. This allows networks of organizations, such as those in the logistics sector, to share data securely and efficiently without the need for an overarching organization to coordinate it all. BDI allows loose coupling of services, using standards where possible, but without requiring them. Even within this loose structure, BDI allows for secure and efficient access to APIs.
The [Basic Data Infastructure (BDI)](https://bdinetwork.org/) is a framework that enables services to allow unknown clients to access their APIs if these clients are known to, authenticated by, and authorized by other BDI services. This allows networks of organizations, such as those in the logistics sector, to share data securely and efficiently without the need for an overarching organization to coordinate it all. BDI allows loose coupling of services, using standards where possible, but without requiring them. Even within this loose structure, BDI allows for secure and efficient access to APIs.

## Architecture reference

The full width of the Basic Data Infrastructure framework is described in [the BDI architecure reference site](https://bdi.gitbook.io/public). This developer portal focuses on the currently available components and API specifications.

## Key Concepts and Components
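
Review bot: there are two spelling errors in the added lines. In the Overview paragraph the link text "Basic Data Infastructure (BDI)" should be "Infrastructure", and under "Architecture reference" the link text "the BDI architecure reference site" should be "architecture". "The full width of" would also read better as "The full breadth of".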
