
Basic flow

79 and can use the services of the mobile application
Specification








Use case ID

ATH-UC-07-BF

Use case name

Authentication via TOTP

Actors

  • Citizen

  • Healthcare giver
  • Representative of an institution

Short Description

This use case denotes the authentication of a user via TOTP.


Priority

1 (High)

Must have: The system must implement this goal/ assumption to be accepted.

Pre-Conditions

  • The user already has an account

  • The user has:

    • a username and a password

    • a smartphone with a TOTP-based mobile application to get a security code

Post-Conditions

  • The user is authenticated

  • The user has access to the services of the mobile application

Steps (basic flow)

0

The user accesses the WebSSO application interface to authenticate him/herself and chooses the option to connect via a security code via mobile app (TOTP)

1

The user enters his/her username and his/her password

2

The user connects to the TOTP-based mobile application

3

The user chooses the digital key of CSAM and enters it in the authentication interface

4

The user sends his/her credentials

5

The SP sends a request message to the authorization server (AS) to access the Identity Provider (IDP)

6

The AS sends a message to the IDP to identify the non-authenticated user

7

The IDP checks the identity of the user with the AA

8

The IDP sends a response message to the AS to inform it that the user is identified

9

The AS sends a message with the identity of the user to the SP

10

The SP returns a response message to the application to enable the authentication

11

The user is authenticated

Exceptions (exception flows)

  • The username or the password is not recognized

  • The creation is aborted (e.g. loss of connection, problem with the wireless card reader, the session is expired)

Frequency

  • Every time the user needs to authenticate to the mobile application
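
An illustration of the credential check the basic flow relies on once the user has submitted username, password and security code, added here as an example and not taken from the specification or the project: the password is verified first, then the code is checked as an RFC 6238 TOTP with a small clock-drift window and a replay guard. The Verifier class, its return strings, the PBKDF2 password storage and the parameters (HMAC-SHA-1, 30-second steps, 6 digits, one step of drift) are assumptions; the page does not specify them.

```python
import hashlib
import hmac
import struct

STEP, DIGITS, SKEW = 30, 6, 1   # assumed: 30 s steps, 6 digits, +/-1 step of clock drift
PBKDF2_ROUNDS = 600_000         # assumed work factor for the stored password hash


def totp(secret: bytes, counter: int) -> str:
    """RFC 6238 code for one time-step counter (HMAC-SHA-1, RFC 4226 truncation)."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)


def pw_hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


class Verifier:
    """Hypothetical credential check; not a component named in the specification."""

    def __init__(self):
        self.users = {}  # username -> salt, password hash, TOTP secret, last used step

    def enroll(self, username, password, secret, salt):
        self.users[username] = {"salt": salt, "pw": pw_hash(password, salt),
                                "secret": secret, "last": -1}

    def authenticate(self, username, password, code, now):
        user = self.users.get(username)
        # Hash even for unknown usernames so both failures take similar time
        # and return the same answer (no username enumeration).
        candidate = pw_hash(password, user["salt"] if user else b"\x00" * 16)
        if user is None or not hmac.compare_digest(candidate, user["pw"]):
            return "credentials_not_recognized"
        current = int(now) // STEP
        for counter in range(max(0, current - SKEW), current + SKEW + 1):
            if hmac.compare_digest(totp(user["secret"], counter).encode(), code.encode()):
                if counter <= user["last"]:
                    return "code_already_used"  # replay of an accepted step
                user["last"] = counter
                return "authenticated"
        return "code_rejected"
```

A deployment would also limit failed attempts per account, since a 6-digit code checked against three time steps can otherwise be guessed by repetition.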


Alternative flow 1

Specification

Use case ID

ATH-UC-07-AF-01

Use case name

First authentication TOTP

Actors

  • Citizen

  • Healthcare giver
  • Representative of an institution

Short Description

Depending on the profile of the actor, this alternative flow will be instantiated by one of the four use cases dedicated to the creation of a new account (refer to the basic flows): ATH-UC-01, ATH-UC-02, ATH-UC-03, ATH-UC-04. To implement this flow, the user should authenticate him/herself in the mobile application using the eID card.

Priority

1 (High)

Must have: The system must implement this goal/ assumption to be accepted.

Pre-Conditions

  • The user does not have an account

  • The user has:

    • an e-mail address

    • an eID card

    • the PIN code of his/her eID card

    • a wireless card reader

Post-Conditions

  • The user has an account

  • The user knows his credentials

  • The user is authenticated

  • The user has access to the services of the mobile application

Steps

For more details and depending on the type of the actor, see:

Exceptions (exception flows)

  • The user makes an error when editing his/her credentials

  • The PIN of the eID card is not correct

  • The creation is aborted (e.g. loss of connection)

Frequency

  • Every time the user wants to authenticate him/herself and he/she does not have an account.
