-
Notifications
You must be signed in to change notification settings - Fork 24
Alastria ID flows
A digital identity allows the user/subject to authenticate and present (certified) personal information in order to get a service, those actions require the creation and set-up of a digital identity and the gathering of certified personal information (credentials) from trusted sources.
For pseudonymous single usage, i.e. presenting some information in order to get a service where the Service Provider does not need to record anything and is not going to provide services in a recurrent way an Alastria Id is enough. Consider for example a user presenting a credential entitling to obtain a digital asset (photo, song, etc.) or access to a given place (building, conference center).
When authentication is required or, when recurrent service is going to be provided or when the service provider needs to record the presentation gathered, the Alastria Id could be recorded in order to make easier to provide the service or record interactions with the user.
For Credential Issuance linked to an Alastria Id, the Alastria Id must also be recorded by the entity.
Then to use Alastria Id in front of a given Entity (service Provider or Credential Issuer) the user Alastria Id is likely to be recorded by the entity. When there is another identifier used by the entity to identify internally the same user (Legacy Id), the Alastria ID and the Legacy ID should be linked together.
The different situations which are possible for the relationship between a subject and a given entity (Service Provider or Credential Issuer), depending on whether the user has an Alastria Id, a Legacy Id for that entity and whether the Alastria Id is recorded (and linked to the Legacy Id) by the entity.
All the possible situations are shown in a status table:
| Status | Subject has Alastria ID |
Subject has Legacy ID |
Next status (Entity) |
Next status (Other entities) |
|---|---|---|---|---|
| A | No | No | B | No change |
| B | No | Yes | E | A→C OR B→D |
| C | Yes | No | E | No change |
| D | Yes (unrecorded) |
Yes | E | No change |
| E | Yes (recorded and linked) |
Yes | No change | No change |
An Alastria Id is ready for recurrent regular usage in front of an entity when in status E: Alastria Id recorded and linked to Legacy Id when required. Most entities currently identify users internally with a Legacy Id, we expect that Alastria Id can play that role in the future removing the need for a different Legacy Id at least for new users.
Based on the previous status table, there are different User Stories related to the Alastria ID Creation, in order to reach status E, depending current subject/situation.
| User Story | Transition | Required Steps | UML Sequence Diagram | Actions and Objects Definition | |
|---|---|---|---|---|---|
| US-1.1 | Legacy Onboarding | A→B | 1. Legacy Onboarding | - | - |
| US-1.2 | Alastria ID Creation | B→E | 1. Legacy Authentication 2. Wallet Download 3. Key Pair Generation (Wallet) 4. Alastria ID Generation 5. Linking Alastria ID with Legacy ID |
Link | Link |
| US-1.3 | Onboarding with Alastria ID |
C→E | 1. Alastria ID Authentication 2. Presentation + [Legacy onboarding] 3. Linking Alastria ID with Legacy ID |
Link | - |
| US-1.4 | Alastria Id Registration & Legacy Id Linking |
D→E | 1. Legacy Authentication 2. Alastria ID Authentication 3. Linking Alastria ID with Legacy Id |
Link | - |
The subject must always be in status E having both, Alastria ID and linked Legacy Id.
| User Story | UML Sequence Diagram | ||
|---|---|---|---|
| US-2.1 Alastria ID Authentication | US-2.1 | Alastria ID Authentication | Link |
| US-2.2 Alastria ID Credentials | US-2.2.1 | Credential Issuance | Link |
| US-2.2.2 | Credential Revocation | Link | |
| US-2.2.3 | Credential Query Status | Link | |
| US-2.2.4 | Expiring Credential | Out of MVP scope | |
| US-2.3 Alastria ID Presentations | US-2.3.1 | Present Presentation | Link |
| US-2.3.2 | Withdraw Presentation | Link | |
| US-2.3.3 | Presentation Query Status | Link | |
| US-2.3.4 | Expiring Presentation | Out of MVP scope |
Out of MVP scope
Out of MVP scope