2023-03-17 - Weekly Update

Mar 17, 2023

About this document: Agenda and notes are kept in the same document, a separate copy of the document is maintained for each meeting. Please add agenda points before the meeting. Action items created in previous meeting and all other unresolved action items are kept in the document. Please tick off any completed items.

Meeting link: https://meet.google.com/rsf-cqaq-eyq at 08:30 UTC / 09:30 CET / 14:00 IST

Attendees

  • @Ain Aaviksoo (Deactivated) (meeting facilitator)

  • @Philippe Page

  • @Lal Chandran (out)

  • @Benjamin Balder Bach (weekly note keeper and time keeper)

  • @sasi

  • @PSRAMKUMAR (out)

Meeting Note

Agenda

Presenter

Discussion

Agenda

Presenter

Discussion

Action points from last week

@Ain Aaviksoo (Deactivated)

 

Updates from TC meeting (fixed)

@Ain Aaviksoo (Deactivated)

(ad-hoc)

Gherkin scenario writing discussion

Everyone

Specific questions discussed from Ain’s work on Gherkin Scenario drafting document

What are Audit Trackers? Auditors are electronic and human system. We haven’t modeled the Auditor, but we have an understanding of what the auditor needs and does which is written in UCs.

An auditor can also be a human that is sampling. It can be an electronic system that is performing automated checks.

Can we write Gherkin Scenarios that aren’t yet fulfilled?

Traceable ID: Transaction ID can be tracked across systems for auditing purposes. This will be a cross-cutting requirement.

Auditing types: Legal, risk, tampering detection - can we have this list provided?

Can you audit by individual? Can an auditor request what an individual has consented to? What queries can be made?

Which auditing roles and permissions do you have? Should the system provide artifacts for individuals and institutions to be able to get verifiable artifacts from their consent records.

System auditing, third-party auditing, “stakeholder self-auditing”?

If the system design is made for exact auditing purposes, we can avoid that an auditor has the temptation to fetch unreasonable amounts of data in order for audits to take place. This means that focused Gherkin Scenarios can help

Should we change the filtering mechanisms for auditors to understand more needs for auditing?

Is this user in your system? What did they consent to? During a specific time? Tracing consent changes during a time period. Use case can be “I am investigating transactions that happened, I need to know the history of everything that happened for user X in time Y”.

Can we return consent given a specific application? Or are we only able to understand “Agreement”?

Audit filters w/ temporal logic

Audit data

New fields that we need to store: Application IDs, Traceable IDs

Follow-up on GitBook merge requests

 

Agree on work for API page

Done: Data models (decided to stick to the drawings, they work better)
Items to coordinate with Valeria (she has a LOT of work) ?

Additional roadmap item discussion: Configuration for callers of APIs: RBAC for agreements?

@Ain Aaviksoo (Deactivated) added as comment @Benjamin Balder Bach has an idea for a follow-up

 

Non-functional security requirements for ID and consent?
(for next meeting)

 

Should we add inputs to general Non-functional security requirements regarding consent? Training requirements for staff?

@sasi asked about what happens when a consent is tied to a transaction or service delivery and cannot be revoked while a service is being delivered/executed or in some other way makes revoking impossible.

 

Implicit and explicit consent? Sometimes it will be related to implicit consent and not relevant for the Consent BB.

In some cases, when a consent cannot be revoked, it’s not “consent” but a regular agreement.

We may have a look at our notion of “forgettable” to discuss what can happen automatically when consent purpose is fulfilled.

House-keeping our action items etc

postponed for next meeting

 

Social Cash Transfer

postponed for next meeting

 

Question from Sasi: is there any way to that multiple parties can interact with each other based on a broader agreement rather than a one to one agreement?

postponed for next meeting

Note keepers notes: We’ll probably have to take this one up at a later meeting because we didn’t get to an action item on this one.

Payment Use-Case

@Ain Aaviksoo (Deactivated)
postponed for next meeting

What are consent-related aspects of the Payment UC?

Scope and service registry?

@sasi @Ain Aaviksoo (Deactivated)
postponed for next meeting

What are our next actions on registering required scopes for BB services?

“Consent management” definition

@Ain Aaviksoo (Deactivated)
postponed for next meeting

We renamed “Consent Management BB” to “Consent BB”. Is there a useful definition of “consent management” that we can apply?

New Action Items

@Benjamin Balder Bach Next steps on: Audit filters w/ temporal logic, Audit data, New fields that we need to store: Application IDs, Traceable IDs + modify “forgettable” in the sense that consent record may be deleted once a specific service has been delivered and the consent is no longer eligible.

Action Items from previous meetings

Presentation of API endpoints, mocks and tests for technical committee meeting Thursday @Ain Aaviksoo (Deactivated) (blocked / reminder)
Compliance concept - @Ain Aaviksoo (Deactivated) (blocked / reminder)
We need a meeting around verifying or gathering input from the Working group on the sequence diagram in BB Interaction Flow @Ain Aaviksoo (Deactivated) will call for this.
@Ain Aaviksoo (Deactivated) schedule to review Social Cash Transfer Use Case.
@Benjamin Balder Bach look at previous notes to embed OpenAPI in GitBook and send a note to Ramkumar
@Ain Aaviksoo (Deactivated) add and maintain definitions for subjects of Gherkin scenarios
Get GitBook invite for @Philippe Page
@Philippe Page sign up to GitBook via GitHub or tell @Ain Aaviksoo (Deactivated) what your existing signup email is.
@Benjamin Balder Bach create a variety of simple Gherkin scenarios for registering an individual so it’s clear that the Consent BB doesn’t care about the type of ID and how it stores external references.
@Philippe Page Create a Jira issue discussing to create a confluence page that has new scenarios which can illustrate why a modular system like GovStack benefits from using Consent IDs that aren’t directly mapped to functional IDs. Ultimately to mature into specification, maybe Gherkin scenarios.
@Ain Aaviksoo (Deactivated) consider if the decision to have “external ID” and “external ID type” referencing Individuals is relevant for the Key Desicion Log (if it’s not already there)

Decision

  1. We agree with Steve about the 2 visual diagrams in “7 Data Structure”, we will keep the drawings and avoid any auto-generated models for now.