Getting Started
Introduction
This document is a user's manual for the Fujitsu Research Portal that explains how to use the Tr3 Web API, which provides "Transparent Trust Transfer" Fujitsu's proprietary digital signature technology, in reference scenarios for content ownership management.
In the scenario, the authenticity of the content data itself and the authenticity of the metadata recorded about the exchange of the content data are guaranteed by the "Transparent Trust Transfer" technology for the content data distributed in the metaverse/game space, and it is confirmed that it can be applied to the content ownership management.
Glossary
| Term | Description |
|---|---|
| Tr3 | The code name for the "Transparent Trust Transfer" technology provided by Fujitsu. |
| Tr3 system | A system that provides Tr3 Web API services. |
| Tr3 client | A system that calls the Web API service provided by the Tr3 system. |
| Apps | Web or native applications that end users use to connect to Tr3 clients. |
| Content ownership management service | A service that manages ownership of content data published in the metaverse and game worlds by calling the Tr3 system Web API to issue and verify digital signatures. The Tr3 client in the reference scenario. |
| Workflow | In content ownership management services, an ordered list of stakeholders defined for approval of content ownership transfer. Or an ordered list of approval actions by stakeholders. |
| ALH Signature | The code name of the hash chain based aggregation signature (Aggregate signature with Lasting Hash chain). Fujitsu's original digital signature technology, which combines signature order verification and aggregate signature verification, is one of the multi-signature schemes. Ensure that the subject of the signature is signed in the order of a workflow and has not been tampered with since the time of each signature. |
| ALH Individual Signature | In ALH Signature, signatures that are signed in each of the steps of the workflow is called as ALH Individual Signature. |
| ALH Aggregation Signature | In ALH Signature, a signature that is signed with aggregating all ALH individual signatures when a workflow is completed. |
| ASiC-E | Abbreviation for Associated Signature Container Extended. A ZIP format that allows a single data container to contain multiple signed artifacts. It is standardized by the European Telecommunications Standards Institute ETSI TS 102 918 and is specified in the eIDAS Regulation (European Standard). |
| ASiC-E Signature | Signatures given to ASiC-E to ensure the integrity of content data and ALH signatures. |
| ALHT | Aggregate signature with Lasting Hash chain token. An ASiC-E file that contains the content data to be subject to ownership management and an ALH aggregate signature that certifies ownership within the content ownership management service. |
NOTES
In the scenarios of this manual, the characters and Ordered Approver Lists in the rules for ALHT issuance and transfer are only examples, and the actual system is not limited to these examples. Design it for the scenario, use case, or specific situation you want to apply.
In order to clarify the responsibilities of the Tr3 client and the Tr3 system, this manual provides a very specific example of how the Tr3 client manages and processes data, but this is just one example. Use the examples in this manual to design the data structure and processing of the Tr3 client.
Getting Started with Tr3 at the Fujitsu Research Portal
Create accounts and issue API access tokens
Before you can call the Fujitsu Research Portal's Tr3 system, you must create an account. To make an API request, you must authenticate, get an API access token (< ACCESS _ TOKEN >), and set the Authorization: Bearer < ACCESS _ TOKEN > header in each API request.
Details on how to create an account and issue an API access token are described in the User Manual in the How to create account and the How to issue API Access Token.
Linking Tr3 user ID and Fujitsu Research Portal account
The Tr3 system identifies the user with its own internal user ID (tr3UserId).
The Tr3 system provided by the Fujitsu Research Portal treats Fujitsu Research Portal user IDs (the value of sub in the API access token) as tr3UserId.
If you want to run the four-user scenario described in this document on the Fujitsu Research Portal, you must to create four accounts for each of the four users and get their Fujitsu Research Portal user IDs.
Calling the "User API" with a username returns the Fujitsu Research Portal user ID. For detailed instructions, refer to "How to search portal user information".
Fujitsu Research Portal API details page
To send a request to API, sign in to Fujitsu Research Portal and get an API access token.
The Fujitsu Research Portal API Details Page allows you to see how the API works from your Web browser.The Fujitsu Research Portal API Details Page allows you to easily specify the parameters for sending API requests in the GUI, so that you can examine and trial the request parameters in different cases. If you access https://portal.research.global.fujitsu.com/api-details#api=tr3-v2-api-specification in your browser, you can view information about the Tr3 Web API in the UI shown in the following image.
You can check the details of the API, request parameters, and response format by clicking the item you want to check from the API list. You can also send API requests from your browser by clicking the Try it button and selecting HTTP from the HTTP request pull-down menu on the page that opens. By entering each parameter and clicking the Send button, the API request is sent and the returned API response can be viewed in the browser. Alternatively, you can obtain a Curl command for making an API request by selecting Curl from the pull-down menu of HTTP request and execute it on your terminal. The Fujitsu Research Portal's usage of the API is described in detail in the user manual How to call APIs.
How to search portal user information
Send a GET request to /users on the Tr3 system to verify the user ID. The following is an example of executing a GET request using the curl command:
$ curl -X 'GET' \
'https://apigateway.research.global.fujitsu.com/tr3/users?username=<username>' \
-H 'Authorization: Bearer <ACCESS_TOKEN>'
The user search API requires username as a query parameter in the request. username specifies the usernamethat you set up when you created your Fujitsu Research Portal account. Returns only information about users whose username matches exactly, but returns an empty array ([]) if no matching username is found.
If username matches the value specified for the username parameter, a JSON response similar to the following is returned:.
[
{
"id": "<user ID>",
"username": "<username>"
}
]
id in this response is the user ID corresponding to the account with user name.