In use case 2, a service is provided by the Service Provider to the Human Service Consumer. Identity info is held at the Service Provider.
Roles
Delegation info PIP | |||||
No delegation | Service Provider | Entitled Party | Authorisation Reg | ||
Auth info PIP | Service Provider | 2 | 2a | 2b | 2c |
As no delegation takes place, the legal entity fulfilling the Entitled Party-role also fulfils the Service Consumer-role.
Depiction
Legal relations
Prerequisite registration
Use case interaction
Description
It is prerequisite of this use case that:
- The Service Provider has and manages its own entitlement information indicating what Entitled Parties are entitled to what (parts of) services*;
- The Service Consumer has and manages its own authorisation information indicating which Human Service Consumers are authorised to act on its behalf**;
- The delegation/authorisation responsible at the the Service Consumer registers the authorisation information at the Service Provider;
- The Human Service Consumer is able to authenticate the Service Provider;
- The Service Provider is able to authenticate the Human Service Consumer;
- The Human Service Consumer has been issued identity credentials by the Service Provider.
- In this use case the Entitled Party is also the Service Consumer.
*The Service Provider can outsource this function to a third party
**The Service Consumer can outsource this function to a third party
The use case consists of the following steps:
- The Human Service Consumer requests a service from the Service Provider;
- The Service Provider authenticates the Human Service Consumer, and validates the iSHARE adherence of the Service Consumer;
- The Service Provider authorises the Human Service Consumer of the Service Consumer based on the entitlement- and authorisation information registered with the Service Provider;;
- The Service Provider executes the requested service;
- The Service Provider provides the service result to the Human Service Consumer.
Sequence diagram