Enabling end-users to share their access rights

You may want to control how households are using the subscription to your digital services. Often, the family father sets up an account that is then shared amongst the family members. At that time, you will lose a good view on the activity of individual persons. Moreover, it does not allow you to detect abuse by people sharing their account with all their friends.

You may explicitly encourage people to share their rights within their family. For example, you may want a family father to share his digital subscription, or a family mother to share her loyalty discounts. This would encourage your users to register individually rather than using shared accounts. This will give you a much more precise view on the behaviour, habits and preferences of individuals.

Enabling relation-based access control

To control access to a shared asset, you may want to verify what type of relation the user has with the asset. Examples of using relations in granting/denying digital access are:

  • is owner of
  • is technician of
  • is operator of
  • is trainee of
  • is administrator of
  • is supplier of

Traditional implementations perform the check using a named list of individuals, for example using Active Directory. Maintaining such a named list of users requires a lot of back office administration and is errorprone. Using self-administered relations, access is defined by the asset owner themselves.

Learn more about our solutions based on miaa PrivateGroups.