User Tools

Site Tools


documentation:identity-proofing

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
documentation:identity-proofing [2018/06/14 12:34]
tjotov [ADUCID proofing support]
— (current)
Line 1: Line 1:
-====== Identity proofing ====== 
- 
-ADUCID provides authentication. It guarantees that PEIG is identified every single time by AIM and also PEIG always recognized particular AIM. 
- 
-PEIG is assigned to a user account using primary key called "UDI" (User database index). 
- 
-Proofing process assigns UDI to a real person (UDI can be generated or anything service provider wants, e.g. email or login name). 
- 
-===== Proofing scenarios ===== 
- 
-Thera are several ways how to proof a user. He/she can get to an office, show ID and get proofed. Or he/ she can be visited by person how can verify his / her identity. Or user can fill in a form, send it with a copy of her / his ID. 
- 
-To proof someone’s identity there has to be some administrator with right to verify and approve users. This administrator has to have role called “registrator” and  has to be proofed and verified using personal factor. 
- 
-ADUCID demonstrates and supports these scenarios: 
- 
-==== Activation code ==== 
- 
-User goes to an office and meets an administrator. Administrator fills in user details, verifies his / her ID. As result he gives / sends him an activation code. 
- 
-Using this code user can finish the proofing process by providing it to proofing application. 
- 
-==== Registration form ==== 
- 
-In this scenario user fills in a form and sends it to registration point (scan of ID might be required). Then he/ she goes to the office, administrator verifies this form and approves the user. 
- 
-==== QR proofing - admin fills form, user scans ==== 
- 
-As in first scenario a uses comes in an office and meets an administrator. But no activation code is created / sent. Instead user scans a QR code displayed on administrator’s PEIG. 
- 
- 
-==== Identity link proofing ==== 
- 
-If one AIM contains proofed identities, it can act as identity provider for other AIMs (this scenario must be enabled and supported by both sides). 
- 
- 
-===== ADUCID proofing support ===== 
- 
-Proofing is supported by No-Code integration and ADUCID API methods. 
- 
-For No-Code it is just a role called "APPROVED": 
- <RequireAll> 
- Require valid-user 
- Require role aducid: APPROVED 
- </RequireAll>  
- 
-For development integration  just check proofing status after authentication. 
- 
-All identity proofing scenarios are demonstrated in proofing applications. These applications can be installed with ADUCID Server Kit as an option. 
- 
-ADUCID UserAdmin application shows current proofing status of a particular user. 
- 
-See Javadoc and Tomcat adapter documentation for details. 
  
documentation/identity-proofing.1528979647.txt.gz · Last modified: 2018/06/14 12:34 by tjotov