Relying Party Authentication Use Case

From MgmtWiki
Jump to: navigation, search

Full Title of Use Case

A collection of user journeys for any person that wants to use a personal account authentication at a Relying Party.

Context

To provide a good user experience at any Relying Party Web Site that allows User Authentication by some provider that is not unique to that site.

Goal

Examples of Problems to be Addressed

The user cannot remember all of the user names and passwords that would be required if every site where they had consented to the storage of their information used their own scheme.

Actors

  1. User
  2. Relying Party
  3. Provider of services related to Authentication or User Information sharing.

Preconditions

  1. The user wants to control access to their own User Information.
  2. At least one Identifier or Attribute Provider exists that is acceptable to both the User and the Relying Party.
  3. The user has already selected a provider, see wiki page Relying Party Registration Use Case.

Scenarios / User Journeys

The goal of these scenarios is to test the functionality of any web site were the user access and update their information.

Journey 1 - the user's comes to the site to learn what emergency access really is:

  1. The user goes to the web site which gives a trusted identifier to the user before asking for any information.
  2. The site home page assumes not information was given to the user and tries to educate the user.
  3. The user decides to start the journey and clicks "Start".
  4. The function of site, the use of the information and the user rights are clearly explained.
  5. The user is authenticated and given the test.
  6. The lab has consent and so passes the user data to the emergency responder.
  7. The doctor asks for user consent to schedule further diagnostics with a doctor in a different practice.
  8. The user can evaluate the site with respect to competence and compliance with appropriate privacy practices.
  9. The user gives consent, schedules a consultation and the lab results are passed to the other practice. The user may or may not also get the results.
  10. The user receives a consent receipt from the primary doctor as to the transfer of health records to that other practice

Journey 2 - the user is directed to the site as they do want to start to collect contact data:

  1. There are two path that they could take, the deliberately chose to register or they try to navigate to a page that requires sign in.
  2. Take them to a registration page that explains why registration is important before they can use the site (redress, recovery, etc.)
  3. -- open question, should we create a mailing list for people that want to say informed? - seems like a short term thing, but who knows?
  4. In this case electronic consents are appropriate.
  5. In this case the consent reciepts will be renderable to the user in understandable user experience.

Journey 3 - The user has already registered with the site.

Results

Accepted Risks:

  1. Data transfers involved work within a framework of trust and mutual understand as to the user's wishes with respect to care and privacy.
  2. It is not clear how a non-responsive user can provide sufficient details to the First Responder. Presumably the existing First Responder network can provide some guidance on that challenge.

Post Condition:

  1. There are now two additional consents steps, lab with sensitive data and secondary provider with sensitive.
  2. No data is ever shared with any provider that has not been strongly identified to the user.
  3. The user results are available it is assumed that the consent receipt acknowledged that the data would be sent back to the primary care doctor.

Examples:

  1. tbd

Dependencies::

  1. Web Sites must be trusted before any user information is provided to them.
  2. Trust federations can be used to help users make informed decisions.
  3. User consent and trust must begin with no user information transferred.
  4. Standards exist to collect needed attributes where-ever they may be.

Workflow Diagram

TK

References