AIT, ATOS, FOKUS, TUG, OTE, ICERT, KGH, LISPA
In traditional Identity and Access Management as a Service (IDMaaS) systems an Identity Provider (IdP) has full access to the user’s identity data. The shift of such services into the cloud discloses sensible user data to the cloud provider. Thus, the user’s privacy is compromised, and legal issues and challenges for service providers may arise. With the invention of proxy-re-encryption and redactable signature algorithms it is possible to outsource an Identity Provider into a cloud environment without disclosing the processed data to the cloud provider. While these novel cryptographic technologies are mature from a scientific research perspective they are not yet included in market-ready products. In this document actors and use cases will be elaborated, and explain how to integrate those technologies into an IDMaaS environment. We call this IDMaaS environment the CREDENTIAL Wallet.
The purpose of this document is to have a clear understanding of applicable business use cases and the identification of all actors involved in a CREDENTIAL Wallet. These generic artifacts form modularized basic blocks for a CREDENTIAL Wallet. Furthermore, this document shows how to apply these building blocks in three different application domains: eGovernment, eHealth, and eBusiness.
This document contains the collection of all generic business use cases for the CREDENTIAL Wallet. These use cases fully describe its functionality. Since business use cases tend to be abstract, we additionally specify logical use cases describing each step in the business use cases in more detail. Starting from these use cases, further development of the CREDENTIAL Wallet can proceed and requirements, architecture, and technology can be elaborated.
In order to show practical relevance of the proposed use cases, three pilots in the domains mentioned above adapted them and developed scenarios and storyboards. Thus we show how we can enhance existing applications and service by integrating a CREDENTIAL Wallet and its functionality. This document contains multiple scenarios for each domain and a list of business use cases describing on a high level how to use a CREDENTIAL Wallet in the domains.
The full version of this deliverable can be downloaded here.