ISO/TR 20078-4:2021 pdf download – Road vehicles — Extended vehicle (ExVe) web services — Part 4: Control
Figure 2 displays an example for one accessing party. The accessing party or the offering party defines containers, each identified by a unique container Id (CID), to access resources of the offering party. The resource owner can individually grant, deny or revoke — at any time — access (ISO 20078-3) to resources of defined containers (ISO 20078-1) in relation to a one or more vehicle identifiers (VINs) for not anonymized resources. Such decisions made by the resource owner are collectively called the request permission processes. Possible states or outcomes of these processes are the following. — Granted: a certain container is defined by the accessing or the offering party. The resource owner grants access to the container (and if required in combination with a vehicle identifier) for the accessing party. Through this grant process the resource owner verifies that both the resources, and the purpose of data processing of the container are presented by the offering party; see Figure 15 and/or Figures 16 and 17. — Denied: a certain container is defined by the accessing or the offering party. The resource owner denies the access to the container for the accessing party. Because of this action, the resource owner does not approve the access to the resources and/or the purpose of data processing of the container that are presented by the offering party; see Figure 18. — Pending/ignored: a certain container is defined by the accessing party or the offering party and selected for a grant request. After starting the request, the resource owner does not continue to either grant or to deny the request. The request stays pending as long as it is ignored by the resource owner. If a pre-defined time passes, and the request has been ignored, it is denied by the offering party; see Figure 19.
4.2 Accessing party The accessing party uses the issued credentials to authenticate itself when requesting access tokens from the offering party. To retrieve an access token and access the resource owner’s resources, an explicit grant from the resource owner is required. Afterwards the accessing party registers its own digital customers on its digital services/applications and/or on its resource providing services; see Annex A as an example. These digital customers consume the digital services/applications that are developed, offered and maintained by the accessing party. These services are available for use as long as access to resources of the offering party is granted by the resource owner. 4.3 Offering party The offering party makes resources available via web services for access by an accessing party. The offering party provides access to resources based on the consent of the resource owner either on a single resource or resources grouped by a container. Additionally, the offering party manages the processes defined in (Clause 5). 5 Processes 5.1 Registration 5.1.1 Accept registration of a requesting party A requesting party (not yet an accessing party) sends a registration request with the mandatory registration information (identification) to the offering party.