Use case concerning cloud identity/attribute authenticationauthorities for supply chain track and trace

[Moberg Dale <dmoberg@axway.com>]

Formatted use case in attachment.

 

Description / User Story

Supply chains have evolved so that producers, distributers, and purchasers, as well as the goods exchanged, have symbolically formulated identities. Goods are identified by serialized product codes, such as Electronic Product Codes (EPCs), while multiple systems for naming participants  exist, such as GS1 GLNs, X.509 DNs, and ISO 6523 organization codes. Participants have information data bases about product transactions, including when an item’s ownership begins and when and to whom it has been sold.

Several important data usage and access policies are couched in terms of participant identities and goods identities (EPCs).

For example, one important claim to be evaluated is whether the “ownership” relation has ever existed between the EPC identified object and the supply chain participant interested in querying, for example, a tracking service.

Identity and attribute authorities that can authenticate both participant and product identities and authenticate an “ownership” relational attribute claim are required.

The identity of the seller that an authority discovers while establishing an ownership attribute claim of a buyer can remain undisclosed to the requester of the attribute and identity claims.

The EPC identity must be established as commissioned by the goods labeler (who binds the EPC code to the supply chain item).

Requesters may select whether the consulted attribute or identity authorities may rely upon other authorities trusted by the consulted authorities, not use other authorities, or only rely on relayed queries to authorities with requester specified trust attributes.

 

Authentication of Attributes and Identities over SupplyChains initial draft.docx