Verified Attributes

A personal data store can store and apply different levels of attribute assurances and verification underpinned by cryptographic techniques to provide an audit trail of activity. The different levels of attribute assurance and verification are as follows:-

Data Connection Type Attribute Assurance and Verification Action
Self asserted data provided directly by individuals through their own PDS front end The time and date stamp of such entries and updates are recorded via an audit trail.
Data that is being captured via their Mydex browser extension i.e bookmarks, web snippets, browsing history Time and date stamps and metadata for each of these transactional records is automatically generated.
Data collected from an existing third party service where they have an account that offers API based access e.g. social media services The data is appended to their PDS and time and date stamped at point of addition.
Attributes delivered from organisations and services within the Mydex Trust framework over secure connections In most cases there attributes are transactional or state records written to the PDS by the attribute provider organisation and are time and date stamped and cannot be modified by the individual but may be accessed by the other connected organisations subject to the consent of the individual concerned.

These types of attributes are described as verified attributes or assured attributes and can be used to provide access to other services e.g. proof of identity, age, entitlement, status etc.

These attributes can be updated automatically by the attribute provider or revoke them if they cease to be valid.

The relying parties of an attribute can check that it is being maintained, understand the last time it was updated and inspect the certificate of authenticity and validate it for themselves.

Verified attributes in the PDS

The following verified attribute actions occur only if the data comes from a trusted connection:-

These certificates can be queried using the below API requests.


Making an API request for Available Certificates

This returns an array of all available certificates within the pds.

Example API Request to the Sandbox Server

http://sbx-api.mydex.org/api/certificates/available
  ?uid=UID
  &key=KEY
  &api_key=API_KEY
  &con_id=CON_ID
  &source_type=connection

Replace the following with your own details: UID, KEY, API_KEY and CON_ID.

Example Response

{"result"
   "22":{
      "id":"22",
      "instance":"0",
      "source":"1111-2222",
      "dataset":"ds_browsing_history",
      "field":"browsing_history_url",
      "ref_id":"1",
      "version":"0"
      "created":"1542976187"
   },
   "23":{
      "id":"23",
      "instance":"0",
      "source":"1111-2222",
      "dataset":"ds_browsing_history",
      "field":"browsing_history_title",
      "ref_id":"1",
      "version":"0"
      "created":"1542976187"
   }
}

Making an API request for Verified Certificates

This returns verification of the certificate for the dataset and field selected.

Example API Request

curl
    -X POST
    -H 'Content-Type: application/json'
    -d '{"FIELD_NAME":”VALUE”}'
    'https://sbx-api.mydex.org/api/certificates/verify
      ?uid=UID
      &key=KEY
      &api_key=API_KEY
      &con_id=CON_ID
      &source_type=connection
      &dataset=DATASET
      &instance=0'

Replace the following with your own details: UID, KEY, API_KEY, CON_ID and FIELD NAME and corresponding VALUE of the required certficate.

Example Response

{“certificate valid”:”1”}

An unsuccessful request will return an error message explaining the problem.


Making an API request for Validated Certificates

This returns an array of validated certificates for the dataset and fields selected.

Example API Request

curl
    -X POST
    -H 'Content-Type: application/json’
    -d '{
          "FIELD_NAME":”VALUE”,
          ”FIELD_NAME”:”VALUE”
        }'
    'https://sbx-api.mydex.org/api/certificates/validate
      ?uid=UID
      &key=KEY
      &api_key=API_KEY
      &con_id=CON_ID
      &source_type=connection
      &dataset=DATASET
      &instance=0'

Replace the following with your own details: UID, KEY, API_KEY, CON_ID and FIELD NAME and corresponding VALUE of the required certficates.

Example Response

{
  “ba_transaction_date”:”TRUE”,
  ”ba_transaction_type”:”TRUE”
}

An unsuccessful request will return an error message explaining the problem.