Representative of a research consortium, institution or some other group of VO users.
A unique alias is registered (with some appropriate VO body) for the set of public keys for a group of VO users.
The representative requires access to the public keys (or equivalent public portion of the identities) of the group of VO users for which s/he wishes to register an alias.
- Representative contacts computer system of alias registration body requesting opportunity to register an alias (e.g. goes to appropriate WWW site and chooses registration form from menu).
- Representative supplies chosen name of alias, and public key information for set of VO users it is to denote.
- Registration body's computer system checks that this alias is unique: if so, it confirms to the representative that the alias has been registered; if not, it asks the representative for another name to use as an alias to that set of public keys - maybe allowing the representative access to the aliases already registered, so s/he can see what appropriate names have already been taken.
- Representative disengages from computer system of alias registration body once the alias has been registered.
An alias exists for the set of public keys of a group of VO users, which may be used in the assignment of access rights to VO resources (e.g. as described in UseCase PIRequestsSettingOfPermissions).
The system whereby identities are authenticated within the VO involves some sort of public-key/private-key system, so that a third party can assign to a VO user access rights to a given resource.
A body must exist within the VO system with which an alias can be registered. This need not be the certification authority which provides trusted identities to the users, but it could be: all that is required is that archives (or equivalent) which need to have access privileges registered with them (see UseCase PIRequestsSettingOfPermissions) are able to access the database maintained by this body, so that they can translate the alias into a set of public keys when required. One reason why it might be desirable for the alias registration body not to be the same as the certification authority is that the former might have a much more limited scope than the latter - e.g. within ten years we might all require digital identities for everyday life, and these might be assigned at national level, say, while the alias registration body only needs to deal with astronomers, and might be managed by the IAU or some global VO bureaucracy.
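The registration steps and the archive-side alias lookup described above, as an added sketch that is not part of the original use case. The class and function names, the SHA-256 fingerprint storage and the case-insensitive uniqueness rule are assumptions made for illustration.

```python
import hashlib
import unicodedata


def fingerprint(public_key: bytes) -> str:
    """SHA-256 fingerprint used as the stored form of a public key (assumption)."""
    return hashlib.sha256(public_key).hexdigest()


class AliasRegistry:
    """Hypothetical registration body: maps a unique alias to a set of key fingerprints."""

    def __init__(self):
        self._aliases = {}  # normalized alias -> (display name, frozenset of fingerprints)

    @staticmethod
    def _normalize(name: str) -> str:
        # Assumed rule: "Survey-Team" and "survey-team" count as the same alias.
        return unicodedata.normalize("NFKC", name).strip().casefold()

    def register(self, name: str, public_keys: list) -> bool:
        """Return True if registered, False if the alias is already taken."""
        key = self._normalize(name)
        if not key or not public_keys:
            raise ValueError("alias name and at least one public key are required")
        if key in self._aliases:
            return False  # representative must choose another name
        self._aliases[key] = (name, frozenset(fingerprint(k) for k in public_keys))
        return True

    def taken(self) -> list:
        """Aliases already registered, shown to a representative after a clash."""
        return sorted(display for display, _ in self._aliases.values())

    def resolve(self, name: str) -> frozenset:
        """Translate an alias into its set of key fingerprints (empty if unknown)."""
        entry = self._aliases.get(self._normalize(name))
        return entry[1] if entry else frozenset()


def archive_allows(registry, acl_alias: str, presented_key: bytes) -> bool:
    """Archive-side check: is the presented key in the set the alias denotes?"""
    return fingerprint(presented_key) in registry.resolve(acl_alias)


if __name__ == "__main__":
    reg = AliasRegistry()
    keys = [b"constructed-key-1", b"constructed-key-2"]  # constructed sample keys
    print(reg.register("Survey-Team", keys), reg.register("survey-team", keys))
```

Because the archive resolves the alias at check time, a change to the registered key set takes effect without touching the access rights stored at each archive.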
--
BobMann - 11 Feb 2002