Secure Sharing of High Integrity Documents: Difference between revisions
Jump to navigation
Jump to search
Line 2: | Line 2: | ||
When documents from multiple sources are sent in response to a request, some means must be established to set the context of the documents so that the receiving process can determine how to process every element of the transmission. | When documents from multiple sources are sent in response to a request, some means must be established to set the context of the documents so that the receiving process can determine how to process every element of the transmission. | ||
==Context== | ==Context== | ||
===Use Case, Consent with Assurance== | ===Use Case, Consent with Assurance=== | ||
Consider the case of a user attempting to establish a connection with a site that they have never been registered that requires both consent of the user to store their personal data plus assurance of either the identity (IAL2) or authentication (AAL2) of the resulting connection. While it has been possible to do this using separate messages, the user experience requires separate actions by the user. The proposed solution for this is the following: | Consider the case of a user attempting to establish a connection with a site that they have never been registered that requires both consent of the user to store their personal data plus assurance of either the identity (IAL2) or authentication (AAL2) of the resulting connection. While it has been possible to do this using separate messages, the user experience requires separate actions by the user. The proposed solution for this is the following: | ||
# The user establishes an identifier, possibly with some attributes, like email or phone, that will authenticate an interchange session. | # The user establishes an identifier, possibly with some attributes, like email or phone, that will authenticate an interchange session. | ||
# The user acquires some hardware device that can | # The user acquires some hardware device that can keep the user's credentials secure from attack. | ||
==Problems== | ==Problems== |
Revision as of 22:53, 29 February 2020
Full Title
When documents from multiple sources are sent in response to a request, some means must be established to set the context of the documents so that the receiving process can determine how to process every element of the transmission.
Context
Use Case, Consent with Assurance
Consider the case of a user attempting to establish a connection with a site that they have never been registered that requires both consent of the user to store their personal data plus assurance of either the identity (IAL2) or authentication (AAL2) of the resulting connection. While it has been possible to do this using separate messages, the user experience requires separate actions by the user. The proposed solution for this is the following:
- The user establishes an identifier, possibly with some attributes, like email or phone, that will authenticate an interchange session.
- The user acquires some hardware device that can keep the user's credentials secure from attack.