Machine Readable Governance
From MgmtWiki
Full Title or Meme
Analysis of a Machine Readable Governance as applied to COVID Creentisls by the government of Aruba for access to that country.
Context
Current Draft
2022-03-22 - It is believed that this output is designed to be a json-LD document - but that has not been verified.
{ "@context": [ "https://github.com/hyperledger/aries-rfcs/blob/main/concepts/0430-machine-readable-governance-frameworks/context.jsonld" ], "name": "COVID Governance", "version": "0.1", "format": "1.0", "id": "<uuid>", "description": "This document describes COVID health and travel governance for the nation of in a machine readable way.", "last_updated": "2022-02-24", "docs_uri": "need_to_create", "data_uri": "need_to_create", "topics": [ "medical, travel" ], "jurisdictions": [ "US>NY>New York City", "US>PA" ], "geos": [ "USA", ], "schemas": [ { "id": "4CLG5pU5v294VdkMWxSByu:2:Medical_Release:1.0", "name": "Medical Release", }, { "id": "RuuJwd3JMffNwZ43DcJKN1:2:Lab_Order:1.4", "name": "Lab Order" }, { "id": "RuuJwd3JMffNwZ43DcJKN1:2:Lab_Result:1.4", "name": "Lab Result" }, { "id": "RuuJwd3JMffNwZ43DcJKN1:2:Vaccination:1.4", "name": "Vaccine" }, { "id": "RuuJwd3JMffNwZ43DcJKN1:2:Vaccine_Exemption:1.4", "name": "Vaccine Exemption" }, { "id": "RuuJwd3JMffNwZ43DcJKN1:2:Trusted_Traveler:1.4", "name": "Trusted Traveler" } ], "participants": [ { "name": "Country Government", "id": "RqeuBcho2Br1wszHpnseMf", "describe": { "label": "Country Government", "sublabel": "Government", "website": "issuinggovernmentsite.org", "email": "credential_manager@issuinggovernmentsite.org" } }, { "name": "Local Health Lab", "id": "APk7kmMyzM4VTUkFUACrky", "describe": { "label": "Health Lab", "sublabel": "Local Health Lab", "website": "issuinglabsite.com", "email": "credential_manager@issuinglabsite.com" } }, { "name": "Large Event Venue", "id": "7CyC6bkX93tcMvLQCbpTqM", "describe": { "label": "Event Venue", "sublabel": "Large Event Venue", "website": "verifyingorgsite.com", "email": "verifying_manager@verifyingorgsite.com" } } ], "roles": [ "holder", "health_issuer", "travel_issuer", "health_verifier", "travel_verifier", "hospitality_verifier" ], "permissions": [ { "grant": ["health_issuer"], "when": { "any": [ {"id": "APk7kmMyzM4VTUkFUACrky"}, ] } }, { "grant": ["travel_issuer"], "when": { "any": [ {"id": "RqeuBcho2Br1wszHpnseMf"} ] } }, { "grant": ["health_verifier"], "when": { "any": [ {"id": "RqeuBcho2Br1wszHpnseMf"} ] } }, { "grant": ["travel_verifier"], "when": { "any": [ {"id": "RqeuBcho2Br1wszHpnseMf"} ] } }, { "grant": ["hospitality_verifier"], "when": { "any": [ {"id": "7CyC6bkX93tcMvLQCbpTqM"} ] } } ], "actions": [ { "name": "connect-holder-health-issuer", "role": [ "health_issuer" ], "initial": true, "type": "protocol", "data": { "protocol": "https://didcomm.org/connections/1.0/", "startmessage": "invitation" }, "next": { "success": "ask-demographics", "error": "some-kind-of-error-handler..." } }, { "name": "ask-demographics", "role": [ "health_issuer" ], "type": "protocol", "data": { "protocol": "https://didcomm.org/questionAnswer/1.0/", "startmessage": "question", "question_answer": [ { "question": "Have you received a Medical Release credential from Health Lab before?" }, { "question_detail": "Please select an option below:" }, { "valid_responses": [ { "text": "I need a new credential" }, { "text": "I already have a credential" } ] } ] }, "next": { "success": "decision-medical-release-option", "error": "some-kind-of-error-handler..." } }, { "name": "decision-medical-release-option", "role": [ "health_issuer" ], "type": "decision", "data": { "input_name": "medical_release_option", "options": [ { "values": [ "I need a new credential" ], "next": "request-identity-presentation" }, { "values": [ "I already have a credential" ], "next": "request-presentation" } ] }, "next": { "success": "default", "error": "some-kind-of-error-handler..." } }, { "name": "request-identity-presentation", "role": [ "health_issuer" ], "type": "protocol", "data": { "protocol": "https://didcomm.org/present-proof/1.0/", "startmessage": ["request-presentation"] }, "next": { "success": "decision-country-of-origin", "error": "some-kind-of-error-handler..." } }, { "name": "request-presentation", "role": [ "health_issuer" ], "type": "protocol", "data": { "protocol": "https://didcomm.org/present-proof/1.0/", "startmessage": ["request-presentation"] }, "next": { "success": "decision-country-of-origin", "error": "some-kind-of-error-handler..." } }, { "name": "decision-country-of-origin", "role": [ "health_issuer" ], "type": "decision", "data": { "input_name": "country_of_origin", "options": [ { "values": [ ], "next": "reject-country" }, { "values": [ ], "next": "select-health-credentials" } ] }, "next": { "success": "select-health-credentials", "error": "some-kind-of-error-handler..." } }, { "name": "select-health-credentials", "role": [ "health_issuer" ], "type": "decision", "data": { "input_name": "requested_health_credential", "options": [ { "values": [ "lab_result" ], "next": "validate-lab-result" }, { "values": [ "exemption" ], "next": "validate-exemption" }, { "values": [ "vaccination" ], "next": "validate-vaccination" } ] }, "next": { "success": "lab_result", "error": "some-kind-of-error-handler..." } }, { "name": "issue-lab-result", "role": [ "health_issuer" ], "type": "protocol", "data": { "schema": "RuuJwd3JMffNwZ43DcJKN1:2:Lab_Result:1.4", "protocol": "https://didcomm.org/issue-credential/1.0/", "startmessage": "offer-credential" }, "next": { "success": "request-health-proof", "error": "some-kind-of-error-handler..." } }, { "name": "issue-exemption", "role": [ "health_issuer" ], "type": "protocol", "data": { "schema": "RuuJwd3JMffNwZ43DcJKN1:2:Exemption:1.4", "protocol": "https://didcomm.org/issue-credential/1.0/", "startmessage": "offer-credential" }, "next": { "success": "request-health-proof", "error": "some-kind-of-error-handler..." } }, { "name": "issue-vaccination", "role": [ "health_issuer" ], "type": "protocol", "data": { "schema": "RuuJwd3JMffNwZ43DcJKN1:2:Vaccination:1.4", "protocol": "https://didcomm.org/issue-credential/1.0/", "startmessage": "offer-credential" }, "next": { "success": "request-health-proof", "error": "some-kind-of-error-handler..." } }, { "name": "request-health-proof", "role": [ "travel_issuer" ], "initial": true, "type": "protocol", "data": { "protocol": "https://didcomm.org/issue-credential/1.0/", "startmessage": "request-presentation", "presentation_definition": "http://localhost:3100/api/presentation-exchange" }, "next": { "success": "verify-health-credential", "error": "some-kind-of-error-handler..." } }, { "name": "verify-health-credential", "role": [ "travel_issuer" ], "type": "protocol", "data": { "protocol": "https://didcomm.org/present-proof/1.0/", "startmessage": "request-presentation", "presentation_definition": "http://localhost:3100/api/presentation-exchange" }, "next": { "success": "validate-health-credential", "error": "some-kind-of-error-handler..." } }, { "name": "validate-health-credential", "role": [ "travel_issuer" ], "type": "protocol", "data": { "presentation_definition": "http://localhost:3100/api/presentation-exchange" }, "next": { "success": "issue-trusted-traveler", "error": "some-kind-of-error-handler..." } }, { "name": "issue-trusted-traveler", "role": [ "travel_issuer" ], "initial": true, "type": "protocol", "data": { "protocol": "https://didcomm.org/issue-credential/1.0/", "startmessage": "offer-credential", "schema": "RuuJwd3JMffNwZ43DcJKN1:2:Trusted_Traveler:1.4" } }, { "name": "reject-country", "role": [ "travel-issuer" ], "type": "protocol", "data": { "protocol": "https://didcomm.org/basic-message/1.0/", "startmessage": "send-message", "content": "We're sorry, your country is not approved for entry by Government" } }, { "name": "submit-payment", "role": [ "point-of-sale" ], "type": "api", "data": { "api": "https://paymentmagic.com", "method": "POST", "attributes": [ "customer_name", "customer_date_of_birth", "customer_billing_address", "customer_shipping_address", "credit_card_number", "credit_card_expiration", "credit_card_security_code" ] } } ] }
Commentary
- While it is clear that this document will be changed often during an infection, even daily, it is not clear how to tell what is valid at any pariticular time. F or example could the traveller be assure that the policy in force at the time of departure would be applied at the time of debarkation? See the user journey of a Credential Policy Coordination for details.
- "schemas"
- "participants"
Reference
- See wiki page Policy-Based Access Control.