Here's how a shared door lock would work today:

Step 1: Bob approaches the shared door and sees a sign telling him how to access the building directory
Step 2: Bob connects his phone to the local Wi-Fi access point
Step 3: Bob types the URL of the building directory into his browser - the door lock RS serves up a directory page
Step 4: Bob clicks Alice's link in the RS directory page - is redirected to Alice's AS
Step 5: Alice's AS challenges Bob somehow - it could be that Bob has to enter his cell phone number, or open a WebRTC call with Alice - whatever
Step 6: Alice thinks up an access PIN for Bob - enters Bob's cell phone number and PIN into her AS
Step 7: Alice tells Bob the PIN - however she does that
Step 8: Bob enters the cell phone number and PIN into the AS
Step 9: The RS opens the door

Case A (LAN only): The sequence above mirrors what happens today when Bob talks to Alice and is "buzzed-in". The only difference is that Alice must sign in to her AS to enter a phone number and PIN and Bob must enter the same two things into the AS. This is not a great user experience but it is needed because we took away the proprietary buzzer connecting Alice to the lock. The benefit is that Alice can decide when Bob's PIN must expire.

Case B: Add a WAN connection and an IDP that might or might not be trusted. Alice's AS asks Bob for his IDP and name https://onename.com/agropper . Alice's AS either accepts Bob's attributes automatically or it sends a text message to Alice with the link. Alice replies to the text message with yes and an optional expiration date.

I'm not sure what the challenge analysis document is.

Adrian
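
Steps 6 to 9 and the PIN expiry from Case A, modelled as an added example; this is not part of the email or of any UMA implementation. The class and method names, the failure limit and the single-use rule are assumptions, and the phone number is constructed sample data.

```python
import hashlib
import hmac
import os
import time

MAX_FAILURES = 3  # assumption: lockout threshold, not specified in the thread


class DoorAS:
    """Toy model of Alice's AS for steps 6-9; all names are hypothetical."""

    def __init__(self, clock=time.time):
        self._clock = clock
        self._grants = {}  # phone -> {"salt", "digest", "expires", "failures"}

    @staticmethod
    def _digest(salt, phone, pin):
        # Store a salted, stretched hash so the AS never keeps the PIN itself.
        return hashlib.pbkdf2_hmac("sha256", f"{phone}:{pin}".encode(), salt, 100_000)

    def issue(self, phone, pin, ttl_seconds):
        """Step 6: Alice enters Bob's phone number, a PIN and an expiry."""
        salt = os.urandom(16)
        self._grants[phone] = {
            "salt": salt,
            "digest": self._digest(salt, phone, pin),
            "expires": self._clock() + ttl_seconds,
            "failures": 0,
        }

    def redeem(self, phone, pin):
        """Step 8: returns (open_door, reason); reason is for the AS audit log only."""
        grant = self._grants.get(phone)
        if grant is None:
            return False, "no-grant"
        if self._clock() >= grant["expires"]:
            del self._grants[phone]
            return False, "expired"
        candidate = self._digest(grant["salt"], phone, pin)
        if not hmac.compare_digest(candidate, grant["digest"]):
            grant["failures"] += 1
            if grant["failures"] >= MAX_FAILURES:
                del self._grants[phone]  # short PINs are guessable: revoke
                return False, "locked"
            return False, "bad-pin"
        del self._grants[phone]  # assumption: a PIN opens the door once
        return True, "ok"
```

In step 9 the RS would open the door only when `redeem` returns `True`; Bob should see a uniform denial while the reason string goes to the log.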


On Sunday, April 10, 2016, Eve Maler <eve@xmlgrrl.com> wrote:
Adrian, so far this looks like a use case (and an interesting IoT use case at that) -- but not quite a solution description, in that we don't know if it actually resolves #wideeco problems we've identified. E.g., the mechanism of providing claims works great in narrow and medium ecosystems already, but it seems to break down in wide ecosystems for various reasons.

Can you please start a new thread, and also be sure to describe which challenges in the challenge analysis document (and/or any other new challenges not previously discussed) your solution purports to solve? It's perhaps also worth noting that there are smart door locks and doorbell products on the market, if not ones with UMA capabilities; can we learn from what they do now?

(We'll probably want a new thread per solution area.)


Eve Maler
Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl


On Sat, Apr 9, 2016 at 2:07 PM, Adrian Gropper <agropper@healthurl.com> wrote:
AI for discussion: Different patterns of Alice's AS and RS's accepting and providing federated logins? (Adrian)

I would like to champion a #wideeco solution called "A Lock to Alice's Shared Door" as follows:

I believe these 6 are the only distinct categories and I would hope that Alice's AS supports all of them if Alice is willing to take the time to configure them. Within each category, there will be various user experiences depending on what kind of technology Bob has in his pocket.

Adrian


On Fri, Apr 8, 2016 at 4:40 PM, Eve Maler <eve@xmlgrrl.com> wrote:
I've also done a little bit of suggested reordering of the roadmap priorities to account for the appearance of so many use case buckets in the first bullet in the list, and other realities; please see what you think. Essentially, we can't really consider Justin's proposals for #wideeco without also considering their #simplify impact, and some of their #IoT impact, but some other #IoT analysis will have to wait a bit longer. Also, we don't have any #security work on our docket at the moment, but more could arise at any time, and there's some constant legal-subgroup work being done. Etc.

Oh, and I've put the named people who I hope will take on action items directly on the cc list this time, to draw their attention to my request.

Happy Friday! :-)


Eve Maler


On Fri, Apr 8, 2016 at 9:52 AM, Eve Maler <eve@xmlgrrl.com> wrote:
Hi all-- The agenda for our call yesterday tried to summarize what I think is the most up-to-date list of ideas I've heard so far:

  • Examining solutions for wide ecosystem challenges (Eve's challenge analysis doc) – look at:
    • UMA-protected UserInfo? (various) [Mike]
    • Different patterns of Alice's AS and RS's accepting and providing federated logins? (Adrian)
    • "Multi-party" proposal? (Justin) (engages with #APIsec and #simplify use case buckets too) [also #IoT as discussed on Thursday]
    • AS requests claims and client does act_as Bob to send them? (Mike, James)
    • Alice's AS dynamically gets client credentials to Bob's claim sources? (various) [Eve]
    • Meta-suggestion: Should trust elevation methods be modularized? (James)
    • Others?

Can the people identified above please take action items to present at upcoming calls? If you're not clear on what this is about, or if you can't do this action, please let me know. Thanks!

And remember, we've got some upcoming "holes" in our Q2 WG meeting schedule. I've just deleted some of our Thursday meetings (Fridays haven't been impacted yet), with possibly a couple more to come. We've got some exciting work coming up, so let's try to press ahead with offline prep such as this.

Eve Maler





--

Adrian Gropper MD
