Blogs - Verificação do usuário em passaportes de produto digital Um diagrama BPMN explicado

BPMN diagram illustrating user verification steps, including credential submission, API verification, and role-based access control for secure data handling

Tabela de conteúdo

Explicação dos componentes do diagrama de verificação do usuário
Nossos serviços
- Aviso:As soluções do ComplyMarket são patenteadas e qualquer uso sem permissão por escrito do ComplyMarket levará a graves consequências legais.

This diagram represents the structured process of verifying user credentials and authorizing access based on user roles. The Business Process Model and Notation (BPMN) illustrates each step from initiating verification to granting role-specific access.

Explanation of User Verification Diagram Components

1.Start Event:

- Purpose: Initiates the verification process when a company submits credentials, such as a digital certificate from a trusted Certificate Authority (CA).

2.Submit Credentials Task:

- Description: The user (who can be a company, recycler, government official, or notified body) sends credentials through a web application interface.

3.Verify Credentials via API Task:

- Functionality: The backend system verifies credentials via an API provided by the CA to ensure authenticity.

4.Decision Point for Credential Validity Gateway:

- Role: Determines if the credentials are valid.
- Outcomes:

- - - Valid Credentials: Proceeds to authorize the user.
    - Invalid Credentials: Displays an error message to inform the user of credential issues.

5.Determine User Role Task:

- Process: Uses the e-ID system to identify the user’s role based on the provided credentials.

6.Role-Based Authorization Gateway:

- Details: Directs users to their appropriate access levels:
  - Company: Authorized to create DID resolvers and generate QR codes.
  - Recycler: Access to more detailed database information than the general public.
  - Government Official: Higher access level to sensitive information not accessible to others.
  - Notified Body: Allowed to view specific test reports not available to other users.

7.End Event:

- Final Step: Completes the user verification and authorization process based on the identified role.

This process ensures that users are securely authenticated and granted role-based access, aligning with the company’s security and compliance standards.