Add support for Two Person Integrity / Two Factor Authentication

[stroomdev10]

No description provided.

[burnalting]

For MFA, would the addition of a Token or AuthenticationToken and a TokenType or AuthenicationTokenType pair of child elements to the EventDetail/Authentication element be sufficient?

It could be as simple as a pair of string types or one can go to the extent of creating a AuthenticationTokenType which could contain an

• Id
• Type
• Description
  ...
• MFAHostName
• MFAIPAddress

[burnalting]

For Multi Person Integrity activity, I'd suggest the addition of an EventSource/MUser element of a type that allows one to record the participating users and their participation function. For example (using the current schema) one could use

EventSource/Muser/User/Id = 'jack'
EventSource/Muser/User/State = 'Initiator'
EventSource/Muser/User/Id = 'jill'
EventSource/Muser/User/State = 'PrimaryConcent'
EventSource/Muser/User/Id = 'roberta'
EventSource/Muser/User/State = 'SecondaryConsent'

or

EventSource/Muser/User/Id = 'jack'
EventSource/Muser/User/Groups/Group/Name = 'Initiator'
EventSource/Muser/User/Id = 'jill'
EventSource/Muser/User/Groups/Group/Name = 'PrimaryConcent'
EventSource/Muser/User/Id = 'roberta'
EventSource/Muser/User/Groups/Group/Name = 'SecondaryConsent'

or better still, extend the UserComplexType to include a CurrentRole element that allows one to record the current role or function that the user is assuming at the time of the event and hence we would now have

EventSource/Muser/User/Id = 'jack'
EventSource/Muser/User/CurrentRole = 'Initiator'
EventSource/Muser/User/Id = 'jill'
EventSource/Muser/User/CurrentRole = 'PrimaryConcent'
EventSource/Muser/User/Id = 'roberta'
EventSource/Muser/User/CurrentRole = 'SecondaryConsent'