Attributes that will be building blocks for relying parties (RP - credentials). We will have to make some assumptions about the content of 800-63-4 (draft); i.e., IAL 1 +. Even though we will start with a 'basic' user ecosystem, we peg our efforts knowing that the end-user will be functioning with in a public health community down the road.
Comments:
Building Blocks for developing RIUP architecture within a healthcare use case
individual’s need
laws
Defining Attributes: It’s likely we will be defining them for use in an agnostic model, but not integrating them into a federated model
Need to interview people providing services:
Service oriented focus
Start with service provider’s Requirements
Then address Identity Requirements
right patient?
who is paying?
who should we contact?
is identity record available? accessible? lost? nonexistent?
It’s not a service, it just allows them to put an identity on their phone and attach certificates (passport, DACA card, etc) that they want to associate with that. Allows them to get jobs more easily.
Issues
Tom: Farm Worker use case:
Tend to move as family
Tend to be more than one worker per family
Only one phone per family
Phone can be lost or lent to someone else
Organization providing services:
United Farmworkers
Cirrus (spelling)
Tom: Low assurance since it is used for more than one person. Credentials themselves could have high assurance
Bev: Classification needs to be dynamic, multidimensional to address multitude of complex situations
Tom: Identity and identifier (association with the identity) needs to be separate
Bev: Self-asserted identity
How it works
Assign a DID
User gets the wallet and user attaches the credentials they want to it
High quality credentials associated with the DID
Enables lightweight identity structure
Can’t do heavy weight without enrollment system
Successes:
Louisiana allows people to place in a digital wallet for $6
“Circle of Trust/Identity” allows individuals within ones social group to attest to a person’s identity (Red Cross/ Farm Workers' Union)
Ukraine: online bank accounts attached to mobile devices used to verify identity
Questions:
Does it serve their needs well?
Could these entities get funding to provide the wallet?
Can a wallet be associated with more than one person? Is it wrong that a single wallet is associated with a single person/phone?
Is the Apple Wallet example appropriate for underserved populations? What are other ID types that could be used for these solutions?
Identity Services: Family, Community group, religious community, Zip Codes