Jump to content

DECODE/BAR use case

From Data Privacy Vocabularies and Controls Community Group

Use Case ID - Use Case title

DEC01 - Online voting platform with privacy

Owner of Use Case

Stefano Bocconi - DECODE project

Description

The DECODE project is extending an existing online voting platform according to the principles of data minimisation and data ownership and sovereignty. This implies that:

  • Users can vote anonymously. The only requirements to be able to vote are a proof of residence in the city where the poll is open and of being older than a certain age.
  • Users must be able to vote at max once, but can change their vote.
  • Votes must be registered and kept for accountability of the voting process.

Is Sub-Use Case of

Has Sub-Use Cases

Requirements

Related functional requirements

  • Eligibility for voting is based on and must be determined based only on two conditions: the user is resident in the area of the poll and the user is older than the minimum age to vote
  • Each vote must be recorded so that final poll result can be calculated, without revealing the user identity
  • The process must be verifiable for correctness by any party (transparency)

Related non-functional requirements

Requirement conflicts (if any)

Requirement similarities (if any)

Requirement subsets/refinements (if any)

Component(s)

  • A digital wallet that each user has, containing verified attributes such as name, age, residency, etc.
  • An authorisation system that requires particular verified user attributes to allow access (in this case to the voting system)
  • A trusted authority (such as a municipality) that certifies the authenticity of (some of) the user attributes contained in the wallet
  • A Distributed Ledger that records each vote.

Types/classes of data involved

  • User attributes
  • Votes

Actors

  • A local municipality or other instances that want to put out a public poll
  • Users that might want to participate in the poll
  • A certifying instance (such as the same local municipality)

Preconditions

  • Users have (installed) a wallet
  • Polling system supports attribute-based authorisations
  • Users have means to certify their attributes

Postconditions

  • Polling can be verified by any party for correctness.

Normal Flow

  • User interacts with a trusted authority that certifies (digitally sign) particular attributes of the user, such as residency and age
  • User records these attributes in their digital wallet
  • Local municipality publishes a public poll
  • User is authorised to vote in the polling system by allowing their wallet to share the required attributes with the polling system (residency and age)
  • User votes
  • (Optional) User changes their vote
  • Local municipality closes the poll and calculates the results.
  • Any party can verify the results of the poll

Alternate Flows

  • User interacts with a trusted authority that certifies (digitally sign) particular attributes of the user, such as residency and age
  • User records these attributes in their digital wallet
  • Local municipality publishes a public poll
  • User is not authorised to vote in the polling system because:
    • They do not allow their wallet to share the required attributes with the polling system (residency and age)
    • They do not possess the correct attributes

Evaluation of UC and requirements realisation

(e.g. manual, automatically...)

Retrieved from "https://www.w3.org/community/dpvcg/wiki/index.php?title=DECODE/BAR_use_case&oldid=99"