The metadata architecture is responsible for serialising, transmitting and storing information about the different entities in the PHT ecosystem.
It aims at enabling transparency inside the PADME system and (future) interoperability with other PHT implementations.
It consists of two main parts:
The PADME metadata schema, a metadata schema created in RDF/OWL, acting as a “lingua franca” for entities that want either to publish information about themselves or to query information about different entities.
The PADME metadata provider/store, a client/server-based software suite that creates the necessary metadata items on the client side and stores them on the server side, enabling easy access to them via standardised interfaces.
The schema is a work in progress and subject to change at any time.
The schema is written in OWL/RDF. The Protégé ontology editor is used to support the creation of the schema.
The specification of the schema can be found here.
The metadata provider, which creates metadata, signs it (if necessary) and sends it to a configured metadata store.
The metadata store, which stores metadata information from different providers. Before information is accepted, the store checks against a database of secret keys whether the graph was correctly signed.
The metadata provider runs at the station side. It is responsible for creating and signing information modelled in the form of RDF graphs, describing the executions of trains that take place at this station.
For a new metadata provider to be able to send information to the central metadata store, it has to be onboarded. This happens alongside the onboarding of a new station.
To ensure the validity of any information received from providers, the store uses HMAC keyed hashing. For this, it stores a common secret key for each provider and uses that key to check the signature of every graph.
For this, the provider needs to send two additional pieces of information with each graph:
A keyed-hash signature
Its own IRI
The store then checks whether the signature is valid. Additionally, the store performs two syntactic checks on the graph:
Whether the graph is connected
Whether there is only one resource with a given prefix. The station registry's prefix is used for this, ensuring that no station provides information about another station, only information regarding itself.
Currently, no validation of the authenticity of the information is done on the semantic level.
After adopting the new schema, SHACL-based validations should also be done.
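The store-side acceptance checks described above (signature, connectedness, single registry-prefixed resource), sketched as an added example that is not PADME's own code. It assumes HMAC-SHA256, sorted triple lines as the signed byte form, and that the one registry-prefixed resource must equal the provider's IRI; all IRIs, keys and the prefix are constructed.

```python
import hashlib
import hmac
from collections import defaultdict

# Assumptions (not from the PADME code base): HMAC-SHA256, sorted triple lines as
# the signed byte form; the prefix, IRIs and key below are constructed samples.
REGISTRY_PREFIX = "https://registry.example/stations/"
PROVIDER_KEYS = {"https://registry.example/stations/s1": b"constructed-shared-secret"}

def serialise(triples):
    """Deterministic byte form so provider and store sign identical input."""
    return "\n".join(sorted(" ".join(t) for t in triples)).encode()

def sign(triples, key):
    """Provider side: keyed hash over the serialised graph."""
    return hmac.new(key, serialise(triples), hashlib.sha256).hexdigest()

def is_connected(triples):
    """Treat each triple as an undirected edge between subject and object."""
    adj = defaultdict(set)
    for s, _, o in triples:
        adj[s].add(o)
        adj[o].add(s)
    if not adj:
        return False
    seen, stack = set(), [next(iter(adj))]
    while stack:
        node = stack.pop()
        if node not in seen:
            seen.add(node)
            stack.extend(adj[node] - seen)
    return len(seen) == len(adj)

def accept(triples, provider_iri, signature):
    """Store side: return (accepted, reason) for a graph sent by provider_iri."""
    key = PROVIDER_KEYS.get(provider_iri)
    if key is None:
        return False, "unknown provider"
    # Constant-time comparison avoids leaking how many signature bytes matched.
    if not hmac.compare_digest(sign(triples, key), signature):
        return False, "bad signature"
    if not is_connected(triples):
        return False, "graph not connected"
    stations = {n for s, _, o in triples for n in (s, o) if n.startswith(REGISTRY_PREFIX)}
    if stations != {provider_iri}:  # assumed: the single resource is the sender itself
        return False, "graph must describe only the sending station"
    return True, "ok"
```

The signature is verified before the structural checks, so graphs from unauthenticated senders are rejected without being traversed.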