Persona Attributes: Difference between revisions
m (5 revisions imported: Initial Upload of old pages from IDESG Wiki) |
(No difference)
|
Latest revision as of 04:02, 28 June 2018
Title: Essential characteristics for trusted attributes
Use Case Description:
An "attribute" is a detectable property or characteristic of an entity (person, device, organization, code, or agent). An acceptable collection of attributes is necessary to identify an entity in one or more of its personas. Therefore attributes must be acceptably trustworthy to a relying party in order to provide them with a trusted identity.
Use Case Category: Identity
Contributor: Ian Dobson
Use Case Details
Actors:
- Attribute Providers
- Relying Parties
- Trusted digital identity - Core Identifier (cf> Secure Anonymous Digital Identity
Goals: Given that a person can (any usually does) have many Personas (work, family, e-Citizen, tax, health, golf-club, social networking, etc.), then for a persona to be trusted the attributes used to make that persona acceptably trusted must be authoritative. Since attributes arise from many different sources, then each source of attribute information must be held responsible for the temporal accuracy, protection from loss, and inappropriate disclosure, of the attributes over which they are custodians.
Assumptions:
- A trusted digital anonymous identifier (cf. Core Identifier), if cryptographically bound to only the necessary attributes to define a persona, will provide a trusted digital persona
- Only those attributes necessary to establish a trusted persona should need to be disclosed. This is privacy-enhancing, and minimizes opportunity for aggregation of information of identity information.
Requirements:
- the person owning the identity must own a Core Identifier
- the process to cryptographically create a persona in this way must be performed using an accredited process and by an authorized official, and be low-cost
Process Flow:The process is described in Jericho Forum references listed below:
- Identity Videos #2 and #3 (each approx. 4 mins)
- Identity Key Concepts, sections 3.2 & 3.3.
Success Scenario: You want to buy a high-cost state-of-the-art top-of-the-range item online - for example a 90-inch TV - say $60,000 from an online supplier.
- you need to provide the relying party (online supplier) with acceptable trust that you can register as a bona fide online customer, you can pay using an acceptable credit card, and you can provide a trusted delivery address.
- You can register an e-Commerce Persona with the relying party, using only your trusted Core Identifier to provide trust that you have registered as a real person
- You can provide your Credit Card Persona bound to your credit card issuer to provide trust that it is your credit card and its number is valid
- You can provide your e-Citizen Address persona to validate the delivery address is valid as yours.
This use-case model applies for all online requirements.
Error Conditions: ?
Relationships
- Extended by:
- Extension of:
References and Citations
- Jericho Forum Identity Commandments #6, #7, #8, available via a link at
https://collaboration.opengroup.org/jericho/, or directly at https://www2.opengroup.org/ogsys/catalog/W125
- Jericho Forum Identity Videos #2 & #3, available via links to YouTube on https://collaboration.opengroup.org/jericho/
or directly at
- Video #2: http://www.youtube.com/embed/ZlG3yZfk9tw
- Video #3: http://www.youtube.com/embed/1eESVQHpmp8
- Jericho Forum Identity Key Concepts Guide, available via a link at
https://collaboration.opengroup.org/jericho/, or directly at https://www2.opengroup.org/ogsys/catalog/G128