assurance - Re: [Assurance] Remote proofing?
Subject: Assurance
List archive
- From: "Michael R. Gettes" <>
- To: "<>" <>
- Subject: Re: [Assurance] Remote proofing?
- Date: Tue, 29 May 2012 19:11:00 +0000
- Accept-language: en-US
I've been mulling this over for some time.
Here are my thoughts on a Remote Proofing process we are now mulling over at CMU.
There are parts in here to address some CMU problems of issuing 2nd-factor tokens - but you could take that out of the flow and it still is viable.
The IDProof App has yet to be written.
/mrg
Version 1.0
Actor = Person to be Identity-Proofed Proofer = Doh! Could be any full-time CMU staff person appropriately authorized? Could be Help Center staff? It is assumed the Actor has already been issued an Andrew ID - or must we define this process too? 0. Actor and Proofer agree upon method of Video Conference (FaceTime, Google Voice Video, Skype, others?) 1. Actor independently obtains physical FOB or downloads soft FOB 2. Proofer independently accesses ID-Proof Web App in a "Proofer" role 3. Proofer establishes VC with Actor. a. It is most optimal if someone the Proofer knows is with the Actor as a "chain of custody". 4. Actor presents to Proofer Official Photo ID - holding it up to the camera. a. Proofer verifies photo matches actor's face b. Proofer records ID Type, Issuer, ID number into ID-Proof Web App c. Actor provides AndrewID - Proofer validates AndrewID matches Actor d. Possibility of obtaining digital photo capture of Actor in VC e. If a "custodian" (see 3a) is present, record custodian AndrewID. 5. Process FOB a. Proofer records Actor's FOB # and AndrewID into ID-Proof Web App b. Proofer enables Actor's FOB 6. Actor verifies authentication and access a. Actor accesses ID-Proof Web App and login as normal user Actor authenticates using Shib SSO and then uses FOB authN on ID-Proof page. b. Actor is presented with a 6 character KEY c. Actor reads KEY to Proofer d. Proofer validates the Actor's KEY with KEY on Proofer's ID-Proof page. e. repeat a-d until success 7. Proofer approves Actor in ID-Proof Web App 8. End Video Conference 9. Proofer authorization a. If Proofer has privilege to authorize then modify accordingly. b. If not (9a) then Proofer notifies official authorizers ID-Proof steps completed and provides AndrewID and Name to Authorizers. Authorizers modify accordingly. Done. |
- [Assurance] Remote proofing?, Roy, Nicholas S, 05/29/2012
- Re: [Assurance] Remote proofing?, Michael R. Gettes, 05/29/2012
- Re: [Assurance] Remote proofing?, David Walker, 05/30/2012
- RE: [Assurance] Remote proofing?, Farmer, Jacob, 05/30/2012
- RE: [Assurance] Remote proofing?, Roy, Nicholas S, 05/30/2012
- Re: [Assurance] Remote proofing?, Michael R. Gettes, 05/30/2012
- RE: [Assurance] Remote proofing?, Dunker, Mary, 05/30/2012
- Re: [Assurance] Remote proofing?, Michael R. Gettes, 05/30/2012
- RE: [Assurance] Remote proofing?, Roy, Nicholas S, 05/30/2012
- RE: [Assurance] Remote proofing?, Jones, Mark B, 05/30/2012
- Re: [Assurance] Remote proofing?, Ann West, 05/30/2012
- Re: [Assurance] Remote proofing?, Bradner, Scott, 05/30/2012
- RE: [Assurance] Remote proofing?, Dunker, Mary, 05/30/2012
- Re: [Assurance] Remote proofing?, Michael R. Gettes, 05/30/2012
- RE: [Assurance] Remote proofing?, Roy, Nicholas S, 05/30/2012
- RE: [Assurance] Remote proofing?, Farmer, Jacob, 05/30/2012
- Re: [Assurance] Remote proofing?, David Walker, 05/30/2012
- Re: [Assurance] Remote proofing?, Michael R. Gettes, 05/29/2012
Archive powered by MHonArc 2.6.16.