https://wiki.idesg.org/index.php?action=history&feed=atom&title=Revocation_of_Delegated_Authentication_Use_CaseRevocation of Delegated Authentication Use Case - Revision history2026-04-16T16:33:14ZRevision history for this page on the wikiMediaWiki 1.38.4https://wiki.idesg.org/index.php?title=Revocation_of_Delegated_Authentication_Use_Case&diff=6404&oldid=prevOmaerz: 2 revisions imported: Initial Upload of old pages from IDESG Wiki2018-06-28T04:03:26Z<p>2 revisions imported: Initial Upload of old pages from IDESG Wiki</p>
<p><b>New page</b></p><div>'''Title''': <br />
Revocation of Delegated Authentication<br />
<br />
<br /><br />
'''Use Case Description''': <br />
Via a person’s identity with a high value credential, disassociate access rights with another individual’s identity depreciating any authority for that person to act on their behalf .<br />
<br />
<br /><br />
'''Use Case Category''': Trust/Assurance, Authentication, Interoperability, Privacy<br />
<br />
<br /><br />
'''Contributor''': John MacTaggart<br />
<br />
<br /><br />
=== Use Case Details ===<br />
'''Actors''': <br />
* Financial institution<br />
* Benefits Providers<br />
* Relying parties<br />
* Identity Providers<br />
<br />
<br /><br />
'''Goals''': <br />
# Timely discontinuance of access to private information by others on behalf of primary user<br />
# Fraud reduction which may imply cost reduction for the relying party.<br />
# Viable business model for the relying party.<br />
<br />
<br /><br />
'''Assumptions''': <br />
# The relying party supports delegated access and revocation of delegated access<br />
<br />
<br /><br />
'''Requirements''': <br />
Internet access device, identity information for the authorizing user, delegated user and identity information of the relying party.<br />
<br />
<br /><br />
'''Process Flow''': <br />
# The delegating user accesses the relying party with high level authentication as required by the relying party. <br />
# The user wishes to terminate a delegation relation with another known user at the relying party<br />
## The user searches and selects a delegated user with access to their account<br />
## The user request that the delegation be terminated <br />
# The relationship is terminated for that relying party and all parties are notified of the change<br />
<br />
<br /><br />
'''Success Scenario''': <br />
# Delegated User can no longer access their client’s information.<br />
# Delegated spouse can no longer access benefits accounts established their spouse. <br />
# Delegated financial planner can no longer access performance results of their clients.<br />
# Delegated mortgage broker can no longer access account and rate information of their clients<br />
<br />
<br /><br />
'''Error Conditions''': <br />
# The delegating User does not have the credentials required by the relying party. Mitigation: the relying party to allow manual request to revoke delegated relationship<br />
# User cannot find the delegated user in the relying party system. <br />
# Relying party does not support revocation of delegated access.<br />
<br />
<br /><br />
=== Relationships ===<br />
* Extended by:<br />
** <br />
**<br />
* Extension of: <br />
<br />
=== References and Citations ===<br />
* <br />
* <br />
<br /><br />
<br />
<br />
[[Category:Identity Management Use Cases]]<br />
[[Category:Use Cases]]</div>Omaerz