OpenTDF NiFi

Integration of the OpenTDF Platform into NiFi

Components:

• "Zero Trust Data Format" (ZTDF) Processors:

  • ConvertToZTDF: A NiFi processor that converts FlowFile content to ZTDF format.
  • ConvertFromZTDF: A NiFi processor that converts ZTDF formatted FlowFile content to its plaintext representation

• NanoTDF Processors (See NanoTDF Specification):

  • ConvertToNanoTDF: A NiFi processor that converts FlowFile content to NanoTDF format.
  • ConvertFromNanoTDF: A NiFi processor that converts NanoTDF formatted FlowFile content to its plaintext representation

• Controller Services:

  • OpenTDFControllerService: A NiFi controller service providing OpenTDF Platform Configuration

Using a custom TrustStore

Communicating over TLS with self-signed or other untrusted certs can be configured using NiFi's standard SSL Context Service and then wired into the processors by setting their respective SSL Context Service properties to use a configured SSL Context Service.

Example

See An Sample NiFi FlowFile Template using ZTDF/NanoTDF Processors

Upload and use this template in NiFi:

• Configure the OpenTDFControllerService properties
  • set then OpenTDF compliant endpoint
  • set OIDC Client credentials (client id and client secret)
  • set the data policy (UpdateAttribute Processor)
  • set the KAS URL: ConvertToZTDF , ConvertToNanoTDF processors

FlowChart: Generic ZTDF Nifi Flows

FlowChart: Generic NanoTDF NiFi Flows

Quick Start - Docker Compose

1. Build the NiFi Archives (NARs) and place in the docker compose mounted volumes. The opentd java-sdk is currently hosted on github's maven package repository, so github credentials are required to perform a maven build.

   export GITHUB_ACTOR=your gh username
   export GITHUB_TOKEN=your gh token
   make compose-package

2. Build local Nifi Image

   make nifi-image

3. Start docker compose

   docker compose up

4. Log into NiFi