Processes View Modeling of Identity-related Privacy Business Interoperability: Considering User-Supremacy Federated Identity Technical Model and Identity Contract Negotiation

Federated identity is a distributed system that is deployed across multiple parties. Service providers still hold the absolute power over people identities. So, identity-related privacy is considered as a mean to entrench subjects´ control over identities and foster trust among multiple involved parties. Thus, identity-related privacy should interoperable, which can be guaranteed through the capture of requirements from different polices related to identity. In this article, we provide and explain a BPMN processes view of the requirements allowing them to be ready to-implement, clear, easy to-understand by each party wishing to collaborate within or across federated identity systems. We highlight that present-day practitioners should be able to translate requirements with user-supremacy federated identity technical model concepts into a set of rules and take into consideration details of identity contract negotiation in order to successfully deliver processes view. BPMN collaboration and choreography diagrams are used to describe seven processes and a sub-process, which would provide a useful way to gain alignment between requirements and IT.