2. H2M service provision with identity info at the SP

In use case 2, a service is provided by the Service Provider to the Human Service Consumer. Identity info is held at the Service Provider.

Roles

As no delegation takes place, the legal entity fulfilling the Entitled Party-role also fulfils the Service Consumer-role.

Depiction

Legal relations

Prerequisite registration & Use case interaction

Description

It is prerequisite of this use case that:

• The Service Provider has and manages its own entitlement information indicating what Entitled Parties are entitled to what (parts of) services*;

• The Service Consumer has and manages its own authorization information indicating which Human Service Consumers are authorized to act on its behalf**;

• The delegation/authorization responsible at the the Service Consumer registers the authorization information at the Service Provider;

• The Human Service Consumer is able to authenticate the Service Provider;

• The Service Provider is able to authenticate the Human Service Consumer;

• The Human Service Consumer has been issued identity credentials by the Service Provider.

• In this use case the Entitled Party is also the Service Consumer.

*The Service Provider can outsource this function to a third party **The Service Consumer can outsource this function to a third party

The use case consists of the following steps:

1. The Human Service Consumer requests a service from the Service Provider;

2. The Service Provider authenticates the Human Service Consumer, and validates the iSHARE adherence of the Service Consumer;

3. The Service Provider authorizes the Human Service Consumer of the Service Consumer based on the entitlement- and authorization information registered with the Service Provider;;

4. The Service Provider executes the requested service;

5. The Service Provider provides the service result to the Human Service Consumer.

Sequence diagram