Kordeus.PAX - User Roles: Difference between revisions

From Kordeus Wiki
Jump to navigation Jump to search
Stefanseiler (talk | contribs)
Stefanseiler (talk | contribs)
 
(2 intermediate revisions by the same user not shown)
Line 1: Line 1:
Kordeus.PAX is a distributed process guidance system which governs interactions between various parties, each owning their own b-op Digitals as part of the highly distributed Peer-To-Peer network.
'''Kordeus.PAX''' is a distributed process guidance system that governs interactions between multiple parties. Each party owns its own b-op Digitals within a highly distributed peer-to-peer network.


=== Parties / General Roles ===
=== Parties / General Roles ===
The Kordeus.PAX generally known these roles:
Kordeus.PAX generally distinguishes between the following roles:
* Passenger  
 
* Passenger
* Travel Partner Staff
* Travel Partner Staff
* MOC Staff
* MOC Staff
Line 10: Line 11:
* Core Admin
* Core Admin


=== Roles and Portal binding ===
=== Roles and Portal Binding ===
Kordeus.PAX <u>is not</u> an old fashion monolithic "'''one-software fits all roles'''" & "'''all data are in on large database'''" system. Instead :
Kordeus.PAX <u>is not</u> a traditional monolithic system based on a "'''one software fits all roles'''" approach or a single large central database. Instead:
 
* Users can process and share their data independently of specific portals or applications. For further information, see [[KORDEUS - Data retention and deletion concept|b-op data handling]].
* User access to an application depends on the operations they need to perform and the data they are authorized to access.
 
<u>Example</u>: It would not be meaningful for ground handlers to access the PAX.Portal to manage their tasks. In addition, PAX.Portal does not provide this functionality.


* users may process and share their data fully indenpent of the portals/applications (see this data on [[KORDEUS - Data retention and deletion concept|b-op data handling]] )
As a result, the traditional role concept within a single application is less dominant than in conventional applications:
* users access to an application makes sense on which operations they want to perform and to which data they have access.
<u>Example</u>: it does not make sense for ground handler to access the PAX.Portal for managing their tasks. Besides that the PAX.Portal does not even offer this functionality!


So the classical role concept with an application is no longer as dominant as it was in old fashioned applications:
* Each application is one of several possible interfaces through which data owners can manage their data.
* Applications act as '''access gateways for data-driven actions'''.
* Data residency and ownership are decoupled from the physical location of the application. Each application supports a defined set of operations and data processing actions.
* Interaction with other Digitals is governed by established trust relationships. If no trust relationship exists, the corresponding operations are blocked.


* Each application is just one of possibility of mulitple for data owners to manipulate the owners data.  
Accordingly, the use of specific portals is only relevant for roles that own or process data within the respective application. The following table shows the role-to-portal mapping for '''Kordeus.PAX''':
* Applications act as '''access gateways to data-driven actions'''.
* Data residency and ownership is being totally dissolved from the physical residency of the application. So the application has a set of possible operations / data processing actions it supports.
* Interaction with other digitals is defined by established trust relations. So non-existing trust relations also block operations.


Instead usage of specific portals only makes sense for roles, which own data to process in that application. Here is a role to portal map for '''Kordeus.PAX''':
{| class="wikitable"
{| class="wikitable"
!
!
!Role
! User-Groups / Roles
!Comment
!Data owning
[[:Category:Digital Types|Digital Type]]
! Comment
|-
|-
!PAX.Portal
! rowspan="2" | PAX.Portal
|Passenger, Travel Partner
| Passenger
|LH PAX Portal, Discover PAX Portal
|[[Passenger digitals|Passenger]]
| LH PAX Portal, Discover PAX Portal
|-
|Travel Partner Staff
|[[Travel partner digitals|Travel Partner]]
|
|-
! rowspan="2" | SARA
| MOC Staff
| rowspan="2" |[[Travel assistance service operation center digitals|Medial Operation Center]]
|
|-
|-
!SARA
|Doctors
|MOC Staff, Doctors
|
|
|-
|-
!DeliveryPartner.Portal
! DeliveryPartner.Portal
|Delivery Partner
| Delivery Partner Staff
|[[Delivery partner digitals|Delivery Partner]]
|
|
|-
|-
!Core.Admin
! Core.Admin
|System Administrators / Core Admins
| System Administrators / Core Admins
|LH Group Digital (LH/Discover)
|[[Carrier digital|Carrier Digital]]
| LH Group Digital (LH/Discover)
|}
|}



Latest revision as of 10:36, 30 April 2026

Kordeus.PAX is a distributed process guidance system that governs interactions between multiple parties. Each party owns its own b-op Digitals within a highly distributed peer-to-peer network.

Parties / General Roles

Kordeus.PAX generally distinguishes between the following roles:

  • Passenger
  • Travel Partner Staff
  • MOC Staff
  • Doctors
  • Delivery Partner Staff
  • Core Admin

Roles and Portal Binding

Kordeus.PAX is not a traditional monolithic system based on a "one software fits all roles" approach or a single large central database. Instead:

  • Users can process and share their data independently of specific portals or applications. For further information, see b-op data handling.
  • User access to an application depends on the operations they need to perform and the data they are authorized to access.

Example: It would not be meaningful for ground handlers to access the PAX.Portal to manage their tasks. In addition, PAX.Portal does not provide this functionality.

As a result, the traditional role concept within a single application is less dominant than in conventional applications:

  • Each application is one of several possible interfaces through which data owners can manage their data.
  • Applications act as access gateways for data-driven actions.
  • Data residency and ownership are decoupled from the physical location of the application. Each application supports a defined set of operations and data processing actions.
  • Interaction with other Digitals is governed by established trust relationships. If no trust relationship exists, the corresponding operations are blocked.

Accordingly, the use of specific portals is only relevant for roles that own or process data within the respective application. The following table shows the role-to-portal mapping for Kordeus.PAX:

User-Groups / Roles Data owning

Digital Type

Comment
PAX.Portal Passenger Passenger LH PAX Portal, Discover PAX Portal
Travel Partner Staff Travel Partner
SARA MOC Staff Medial Operation Center
Doctors
DeliveryPartner.Portal Delivery Partner Staff Delivery Partner
Core.Admin System Administrators / Core Admins Carrier Digital LH Group Digital (LH/Discover)

See also