...
Flow | Specification | ||
---|---|---|---|
Use case ID | ATH-UC-05-BF | ||
Use case name | Authentication using an eID card | ||
Actors |
| ||
Short Description | This use case denotes the authentication of a user via an eID card. | ||
1 (High) Must have: The system must implement this goal/ assumption to be accepted. | |||
Pre-Conditions |
| ||
Post-Conditions |
| ||
Steps (basic flow) | 0 | The user access to the WebSSO application interface to authenticate him/herself and choose the option eID | |
1 | The user connects using his/her credentials (eID card + PIN) and the wireless card reader | ||
2 | The application sends an access request to the SP | ||
3 | The SP sends an authentication request to the IDP | ||
4 | The IDP checks the identity of the user with the AA | ||
5 | The IDP sends a response message to the SP to inform it that the user is identified | ||
6 | The SP returns a response message to the application to enable the authentication | ||
7 | The user is authenticated and can use the the services of the mobile application | ||
Exceptions (exception flows) |
| ||
Frequency |
|
...
Specification | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Use case ID | ATH-UC-01-EF-01 | ||||||||||
Use case name | The PIN of the eID card is not correct | ||||||||||
Actors |
| ||||||||||
Short Description | It denotes the use case when the citizen user tries to authenticate with his/her eID card and fails in entering the PIN. | ||||||||||
Priority | 1 (High) Must have: The system must implement this goal/ assumption to be accepted. | ||||||||||
Pre-Conditions |
| ||||||||||
Post-Conditions |
| ||||||||||
Steps (basic flow) | 0 | The citizen user access to the WebSSO application interface (i.e. WebSSO) to create an account (first authentication) | 1 | The citizen connects for the first time to the application | 2 | The application sends a request message to the Service Provider (SP)3 | The SP sends a request message (i.e. ask authentication get SSO token) to the IDP | to authenticate him/herself and choose the option eID | |||
1 | The user tries to connect using a wrong PIN code | ||||||||||
2 | 4 | The IDP checks the identity of the citizen and it does not find it in the authentic data source via the AA | 5 | The IDP contacts the CSAM to ask it to create the certificate to the citizen (first authentication) | 6 | The CSAM opens a new web browser page to invite the citizen to enter his/her credentials using the eID card | 7 | The citizen tries to send his/her credentials with a wrong PIN. | 8 | The authentication is interrupted | |
Frequency |
|
Exception flow 2
Specification | ||
---|---|---|
Use case ID | ATH-UC-05-EF-02 | |
Use case name | The creation is aborted (e.g. loss of connection, problem with the wireless card reader, the session is expired) | |
Actors |
| |
Short Description | It denotes the exception use case when the citizen user loses the connection and he/she will not be able to finish the authentication. It may happens at any step of the basic and alternative flows. | |
Priority | 1 (High) Must have: The system must implement this goal/ assumption to be accepted. | |
Pre-Conditions |
| |
Post-Conditions |
| |
Steps (basic flow) | ||
Frequency |
|