Secure Sharing of High Integrity Documents: Difference between revisions
Line 2: | Line 2: | ||
When documents from multiple sources are sent in response to a request, some means must be established to set the context of the documents so that the receiving process can determine how to process every element of the transmission. | When documents from multiple sources are sent in response to a request, some means must be established to set the context of the documents so that the receiving process can determine how to process every element of the transmission. | ||
==Context== | ==Context== | ||
Existing authentication and access management functions are focused using | |||
===Use Case, Consent with Assurance=== | ===Use Case, Consent with Assurance=== | ||
Consider the case of a user attempting to establish a connection with a site that they have never been registered that requires both consent of the user to store their personal data plus assurance of either the identity (IAL2) or authentication (AAL2) of the resulting connection. While it has been possible to do this using separate messages, the user experience requires separate actions by the user. The proposed solution for this is the following: | Consider the case of a user attempting to establish a connection with a site that they have never been registered that requires both consent of the user to store their personal data plus assurance of either the identity (IAL2) or authentication (AAL2) of the resulting connection. While it has been possible to do this using separate messages, the user experience requires separate actions by the user. The proposed solution for this is the following: |
Revision as of 23:13, 29 February 2020
Full Title
When documents from multiple sources are sent in response to a request, some means must be established to set the context of the documents so that the receiving process can determine how to process every element of the transmission.
Context
Existing authentication and access management functions are focused using
Use Case, Consent with Assurance
Consider the case of a user attempting to establish a connection with a site that they have never been registered that requires both consent of the user to store their personal data plus assurance of either the identity (IAL2) or authentication (AAL2) of the resulting connection. While it has been possible to do this using separate messages, the user experience requires separate actions by the user. The proposed solution for this is the following:
- The user establishes an identifier, possibly with some attributes, like email or phone, that will authenticate an interchange session.
- The user acquires some hardware device that can keep the user's credentials secure from attack.
Problems
OAuth 2.0 and OpenID Connect 1.0 have worked very well by focusing on the following limitations:
- A single subject
- A single source of data
- A single requester of that data.
- A single authenticator of the user identity
FIDO and Web Authentication have extended this by inserting a separate step where the data requester asks for additional assurance from the user in a separate interchange.
- While the above limitations will likely continue to apply to a very large number of Web interchanges, more and more interchanges require richer message structures. This document only addresses these richer information environments.