Machine Readable Governance
From MgmtWiki
Full Title or Meme
Analysis of a Machine Readable Governance as applied to COVID Creentisls by the government of Aruba for access to that country.
Context
Current Draft
- 2022-03-22 - It is believed that this output is designed to be a json-LD document - but that has not been verified.
- the operating assumption is that this is designed as the policy of the government to be applied by customs and immigration officers at debarkation.
{
"@context": [
"https://github.com/hyperledger/aries-rfcs/blob/main/concepts/0430-machine-readable-governance-frameworks/context.jsonld"
],
"name": "COVID Governance",
"version": "0.1",
"format": "1.0",
"id": "<uuid>",
"description": "This document describes COVID health and travel governance for the nation of in a machine readable way.",
"last_updated": "2022-02-24",
"docs_uri": "need_to_create",
"data_uri": "need_to_create",
"topics": [
"medical, travel"
],
"jurisdictions": [
"US>NY>New York City",
"US>PA"
],
"geos": [
"USA",
],
"schemas": [
{
"id": "4CLG5pU5v294VdkMWxSByu:2:Medical_Release:1.0",
"name": "Medical Release",
},
{
"id": "RuuJwd3JMffNwZ43DcJKN1:2:Lab_Order:1.4",
"name": "Lab Order"
},
{
"id": "RuuJwd3JMffNwZ43DcJKN1:2:Lab_Result:1.4",
"name": "Lab Result"
},
{
"id": "RuuJwd3JMffNwZ43DcJKN1:2:Vaccination:1.4",
"name": "Vaccine"
},
{
"id": "RuuJwd3JMffNwZ43DcJKN1:2:Vaccine_Exemption:1.4",
"name": "Vaccine Exemption"
},
{
"id": "RuuJwd3JMffNwZ43DcJKN1:2:Trusted_Traveler:1.4",
"name": "Trusted Traveler"
}
],
"participants": [
{
"name": "Country Government",
"id": "RqeuBcho2Br1wszHpnseMf",
"describe": {
"label": "Country Government",
"sublabel": "Government",
"website": "issuinggovernmentsite.org",
"email": "credential_manager@issuinggovernmentsite.org"
}
},
{
"name": "Local Health Lab",
"id": "APk7kmMyzM4VTUkFUACrky",
"describe": {
"label": "Health Lab",
"sublabel": "Local Health Lab",
"website": "issuinglabsite.com",
"email": "credential_manager@issuinglabsite.com"
}
},
{
"name": "Large Event Venue",
"id": "7CyC6bkX93tcMvLQCbpTqM",
"describe": {
"label": "Event Venue",
"sublabel": "Large Event Venue",
"website": "verifyingorgsite.com",
"email": "verifying_manager@verifyingorgsite.com"
}
}
],
"roles": [
"holder",
"health_issuer",
"travel_issuer",
"health_verifier",
"travel_verifier",
"hospitality_verifier"
],
"permissions": [
{
"grant": ["health_issuer"],
"when": {
"any": [
{"id": "APk7kmMyzM4VTUkFUACrky"},
]
}
},
{
"grant": ["travel_issuer"],
"when": {
"any": [
{"id": "RqeuBcho2Br1wszHpnseMf"}
]
}
},
{
"grant": ["health_verifier"],
"when": {
"any": [
{"id": "RqeuBcho2Br1wszHpnseMf"}
]
}
},
{
"grant": ["travel_verifier"],
"when": {
"any": [
{"id": "RqeuBcho2Br1wszHpnseMf"}
]
}
},
{
"grant": ["hospitality_verifier"],
"when": {
"any": [
{"id": "7CyC6bkX93tcMvLQCbpTqM"}
]
}
}
],
"actions": [
{
"name": "connect-holder-health-issuer",
"role": [
"health_issuer"
],
"initial": true,
"type": "protocol",
"data": {
"protocol": "https://didcomm.org/connections/1.0/",
"startmessage": "invitation"
},
"next": {
"success": "ask-demographics",
"error": "some-kind-of-error-handler..."
}
},
{
"name": "ask-demographics",
"role": [
"health_issuer"
],
"type": "protocol",
"data": {
"protocol": "https://didcomm.org/questionAnswer/1.0/",
"startmessage": "question",
"question_answer": [
{
"question": "Have you received a Medical Release credential from Health Lab before?"
},
{
"question_detail": "Please select an option below:"
},
{
"valid_responses": [
{
"text": "I need a new credential"
},
{
"text": "I already have a credential"
}
]
}
]
},
"next": {
"success": "decision-medical-release-option",
"error": "some-kind-of-error-handler..."
}
},
{
"name": "decision-medical-release-option",
"role": [
"health_issuer"
],
"type": "decision",
"data": {
"input_name": "medical_release_option",
"options": [
{
"values": [
"I need a new credential"
],
"next": "request-identity-presentation"
},
{
"values": [
"I already have a credential"
],
"next": "request-presentation"
}
]
},
"next": {
"success": "default",
"error": "some-kind-of-error-handler..."
}
},
{
"name": "request-identity-presentation",
"role": [
"health_issuer"
],
"type": "protocol",
"data": {
"protocol": "https://didcomm.org/present-proof/1.0/",
"startmessage": ["request-presentation"]
},
"next": {
"success": "decision-country-of-origin",
"error": "some-kind-of-error-handler..."
}
},
{
"name": "request-presentation",
"role": [
"health_issuer"
],
"type": "protocol",
"data": {
"protocol": "https://didcomm.org/present-proof/1.0/",
"startmessage": ["request-presentation"]
},
"next": {
"success": "decision-country-of-origin",
"error": "some-kind-of-error-handler..."
}
},
{
"name": "decision-country-of-origin",
"role": [
"health_issuer"
],
"type": "decision",
"data": {
"input_name": "country_of_origin",
"options": [
{
"values": [
],
"next": "reject-country"
},
{
"values": [
],
"next": "select-health-credentials"
}
]
},
"next": {
"success": "select-health-credentials",
"error": "some-kind-of-error-handler..."
}
},
{
"name": "select-health-credentials",
"role": [
"health_issuer"
],
"type": "decision",
"data": {
"input_name": "requested_health_credential",
"options": [
{
"values": [
"lab_result"
],
"next": "validate-lab-result"
},
{
"values": [
"exemption"
],
"next": "validate-exemption"
},
{
"values": [
"vaccination"
],
"next": "validate-vaccination"
}
]
},
"next": {
"success": "lab_result",
"error": "some-kind-of-error-handler..."
}
},
{
"name": "issue-lab-result",
"role": [
"health_issuer"
],
"type": "protocol",
"data": {
"schema": "RuuJwd3JMffNwZ43DcJKN1:2:Lab_Result:1.4",
"protocol": "https://didcomm.org/issue-credential/1.0/",
"startmessage": "offer-credential"
},
"next": {
"success": "request-health-proof",
"error": "some-kind-of-error-handler..."
}
},
{
"name": "issue-exemption",
"role": [
"health_issuer"
],
"type": "protocol",
"data": {
"schema": "RuuJwd3JMffNwZ43DcJKN1:2:Exemption:1.4",
"protocol": "https://didcomm.org/issue-credential/1.0/",
"startmessage": "offer-credential"
},
"next": {
"success": "request-health-proof",
"error": "some-kind-of-error-handler..."
}
},
{
"name": "issue-vaccination",
"role": [
"health_issuer"
],
"type": "protocol",
"data": {
"schema": "RuuJwd3JMffNwZ43DcJKN1:2:Vaccination:1.4",
"protocol": "https://didcomm.org/issue-credential/1.0/",
"startmessage": "offer-credential"
},
"next": {
"success": "request-health-proof",
"error": "some-kind-of-error-handler..."
}
},
{
"name": "request-health-proof",
"role": [
"travel_issuer"
],
"initial": true,
"type": "protocol",
"data": {
"protocol": "https://didcomm.org/issue-credential/1.0/",
"startmessage": "request-presentation",
"presentation_definition": "http://localhost:3100/api/presentation-exchange"
},
"next": {
"success": "verify-health-credential",
"error": "some-kind-of-error-handler..."
}
},
{
"name": "verify-health-credential",
"role": [
"travel_issuer"
],
"type": "protocol",
"data": {
"protocol": "https://didcomm.org/present-proof/1.0/",
"startmessage": "request-presentation",
"presentation_definition": "http://localhost:3100/api/presentation-exchange"
},
"next": {
"success": "validate-health-credential",
"error": "some-kind-of-error-handler..."
}
},
{
"name": "validate-health-credential",
"role": [
"travel_issuer"
],
"type": "protocol",
"data": {
"presentation_definition": "http://localhost:3100/api/presentation-exchange"
},
"next": {
"success": "issue-trusted-traveler",
"error": "some-kind-of-error-handler..."
}
},
{
"name": "issue-trusted-traveler",
"role": [
"travel_issuer"
],
"initial": true,
"type": "protocol",
"data": {
"protocol": "https://didcomm.org/issue-credential/1.0/",
"startmessage": "offer-credential",
"schema": "RuuJwd3JMffNwZ43DcJKN1:2:Trusted_Traveler:1.4"
}
},
{
"name": "reject-country",
"role": [
"travel-issuer"
],
"type": "protocol",
"data": {
"protocol": "https://didcomm.org/basic-message/1.0/",
"startmessage": "send-message",
"content": "We're sorry, your country is not approved for entry by Government"
}
},
{
"name": "submit-payment",
"role": [
"point-of-sale"
],
"type": "api",
"data": {
"api": "https://paymentmagic.com",
"method": "POST",
"attributes": [
"customer_name",
"customer_date_of_birth",
"customer_billing_address",
"customer_shipping_address",
"credit_card_number",
"credit_card_expiration",
"credit_card_security_code"
]
}
}
]
}
Commentary
- While it is clear that this document will be changed often during an infection, even daily, it is not clear how to tell what is valid at any pariticular time. F or example could the traveller be assure that the policy in force at the time of departure would be applied at the time of debarkation? See the user journey of a Credential Policy Coordination for details.
- "schemas"
- "participants"
- "participants"
- "permissions"
- "actions"
- "others"
Reference
- See wiki page Policy-Based Access Control.
