Access Age Restricted Content Use Case

From IDESG Wiki
Revision as of 03:00, 28 June 2018 by Omaerz (talk | contribs) (26 revisions imported: Initial Upload of old pages from IDESG Wiki)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Template:Comment

Use Case Metadata

Title

Access Age Restricted Content Use Case

Status

Use Case Lifecycle Status

Contributed Working Draft Committee Review Compilation Approval Publication
This use case has been approved in version 1.2. This page may have been updated since the 1.2 document was approved.

Contributor

Nym Issues Group and Use Case AHG

Use Case Content

Use Case Description

Enable individuals to prove that the are within a certain age range without disclosing their identity. This could be to support COPPA safe harbor provisions by verifying minority status without identification, or to enable adults to access mature content with privacy.

Actors

  • Subscriber is a human wishing to access a service with age restrictions without revealing their identity.
  • Relying Party needs to provide access only to individuals within a specified age range.
  • Attribute Provider provides an age verification service.

Goals / User Stories

  • Enable individuals to prove that the are within a certain age range without disclosing their identity.
  • No identity information about adult must be verifiable but age.

Assumptions

  • Individuals/subscriber do not have a credential.
  • Attribute Provider may be a credential issuer.
  • Individuals are willing to share identity information with Attribute Provider in order to obtain anonymous age verified access to Relying party.
  • During enrollment, Subscriber undergoes Identity Proofing that includes verification of their Date of Birth.

Process Flow

Proof of Age Process Flow

  1. Subscriber registers with Attribute Provider
  2. Attribute Provider creates a claim that satisfies the relying party but does not include the birth date.

Verification of Age Process Flow

  1. Subscriber attempts to access age-restricted content on the Relying Party.
  2. Service provider discovers the attribute provider by either:

a. Subscriber informs Service Accept. 2. Service provider discovers the attribute provider by either:

   a.Subscriber informs Service Provider of Attribute Provider, or 
   b.Service Provider queries for Attribute Provider that can verify Subsrciber.
  1. Relying Party requests a claim from the Attribute Provider of the required age range.
  2. Subscriber proves to attribute provider that it owns the birth date information in the AP.
  3. Attribute Provider locates Subscriber’s Date of Birth and calculates whether Subscriber is in the required age range.
  4. Attribute Provider provides a claim to Relying Party with confirmation or denial that the Subscriber falls in the required age range.

Success Scenario

The use case is successful when the Relying Party can verify whether Subscribers are in the specified age range.

Failure Scenario

  • Relying Party is unable to find an Attribute Provider to vouch for the Subscriber’s age.

Error Conditions

  • Wrong requirement is sent or the wrong attribute is sent.

Relationships

Related to Identity Proofing Use Case, Verify Identity Claim Use Case

References and Citations

NSTIC Strategy (p. 2, p. 11, p. 23, p. 38) Children’s Online Privacy Protection Act (COPPA)

NSTIC Guiding Principles Considerations

Privacy Considerations

Security Considerations

User Experience/Usability Considerations

Interoperability Considerations

Domain Expert Working Group Considerations

Financial

Health Care

Derived Requirements