OpenTDF

Protect the Data, Build the Future.

OpenTDF (Trusted Data Format) is a foundational platform that allows you to build and integrate “forever control” of your data, or your users’ data, into new and existing applications.

OpenTDF includes encryption, but it is much more than that. It includes additional cryptographically secured metadata that can ensure policy control throughout the lifecycle of data. Imagine being able to grant or revoke (“turn off”) access to your data at any time, even if it is no longer contained within your own network or application.

Contact Cassandra Zimmerman at Virtru for more information or to share your thoughts and suggestions!

Zero Trust and OpenTDF

The concept of forever control stems from an increasingly common concept known as zero trust. Zero trust removes the implicit trust that many of us have granted to our data throughout its historical lifecycle. Zero trust says don’t release the data unless there is a way to maintain control over it.

While the idea of zero trust sounds great, making it happen is a bit more difficult. That’s where OpenTDF comes in. By implementing or integrating OpenTDF into applications and projects, the owner of a piece of data can maintain control over that data forever, or at least until the data has completed its intended lifecycle.

Getting Started

If you want to jump directly into building out an OpenTDF environment, the best place to start is the Quickstart Guide. To get a better idea of what you can do with OpenTDF, and some example code of how to do it, please refer to the example projects below.

Privacy, Period.

Secure Cycle demonstrates data control even after a user has shared their data. With OpenTDF, the data owner has the option of putting a tether on their data, with the ability to revoke access even if the data is no longer kept locally. With OpenTDF the data owner can maintain “forever control” over their data.

The app, Secure Share, demonstrates menstrual cycle and symptom tracking in a Zero Trust Data Control situation. Zero Trust, the assumption that your data is never really safe, builds data control into the data itself. That’s the power of Trusted Data Format (TDF).

In this use case, a user could share personal and sensitive health care information with a health care provider, and revoke access to that information when the provider has completed the necessary steps to provide health care. The user, or data owner, can also restrict the provider’s ability to share that data further with other third parties.

The Secure Share demo was built using OpenTDF’s new React Native SDK and featured at DefCon 2022.

Secure Cycle on GitHub

IoT Optimized Data Streams.

This example demonstrates Attribute Based Access Control in a low-processing, low-bandwidth, Zero Trust IoT environment. It implements NanoTDF to protect in-the-field data from source to destination. NanoTDF has been optimized for embedded, IoT, low-bandwidth streaming data scenarios and includes the entitlement policy at the device itself.

In this demo, we use attributes to define subscription tiers and age limits for respective audiences. Entitlements are granted through their respective attributes and can be seen granted and revoked in real time while observing the video stream.

Webcam App on GitHub

Learn about Attribute Based Access Control.

ABACship is a two-player battleship-like game implemented using OpenTDF and ABAC (Attribute Based Access Control). The visibility of each square on the board is controlled using attributes and the entitlements assigned to them.

ABACship on GitHub

Learn More and Get Involved!

OpenTDF can provide data privacy and control to virtually any application. Browse the examples and SDKs on the GitHub repo. Check out the web-app demo for an example of how to start sharing tethered, forever-protected data in a demo cloud storage application.

Get involved, build a demo, join the chat, or start contributing to the code base with a pull request any time. We’re excited to have you here.

Project Overview and Current State

The OpenTDF project was released with a view towards a community being able to build hosted and scalable projects. It therefore involves a Kubernetes cluster and several other services to facilitate full functionality and scalability. Don’t let that deter you, though. In the Getting Started section you’ll find guides to get you started on a local node quickly and easily.

There are many example projects included in the OpenTDF GitHub repos. These should help you familiarize yourself with what you can do with the OpenTDF project and how to do it. Bear in mind, the OpenTDF project is open source. You are not only welcome but encouraged to contribute to both its code base and its guided future.

The company behind the initial launch of the OpenTDF project, Virtru, is actively soliciting feedback and suggestions for where Virtru can most help with the future of this community endeavor. For example, one such idea that is currently being explored is a scaled-back version of an OpenTDF quick start for smaller, more point-solution projects, as opposed to platform-based, scalable solutions.

See the Project on GitHub

Share Your Feedback

Virtru, the sponsor of the OpenTDF developer community, would love to hear from you!

We’re developers, too, and as we mature the project, we’re curious what you’re building, and what kind of problems you may be encountering or are trying to solve.

You can provide anonymous feedback (name, email, and company are not required fields on this form), or share your contact information to receive curated resources and updates, or a response if you request one.