# Diagram: Smart Speaker Platform (from "Precise Analysis of Purpose Limitation in Data Flow Diagrams")
## Short Description

This diagram shows a fictional Smart Speaker system. The use cases include the download and install process as well as voice-guided command sequences and data exchanges with third parties.
## Abbreviations

- CMD: Command
## Extensive Description

The Device Owner first downloads the mobile app used to operate the Smart Speaker. After the initial setup, the user logs in to the app and connects the Speaker to the local network (the Router). The user can also log in to the Music Store. The user activates the Speaker's microphone and sends voice requests, which are processed by the Provider; the Provider returns the corresponding command to the Speaker. The Speaker then invokes the capabilities provided by the Music Store API to stream the desired content. Finally, the Provider may send certain aggregated statistics about the history of its clientele's requests to Third-party Partners.
## Label description

### Data Labels

- Purpose: These labels mark the intended purpose of a given data flow between two nodes. The possible values are: Install, Login, Authenticate, Register, Streaming, NotifyUser, CMDProcessing, VoiceProcessing, TriggerMusicStore, Marketing, Storage, AIProcessing and NoPermission.

### Node Labels

- AllowedPurpose: These labels designate the purposes allowed at a node. They are a subset of the Purpose labels: NotifyUser, Streaming, Register, Marketing and Storage.
- ComponentCategory: These labels classify nodes according to their place in the overall system. The categories are: UserHomeDevice, MusicStore, UserPhone, Provider, DeviceOwner, Router, ThirdPartyPartner and AppStore.
## Constraints

### StorageConstraint

This constraint ensures that data flows marked with the Storage purpose are never handed to a node of the ComponentCategory ThirdPartyPartner.

`StorageConstraint: data Purpose.Storage neverFlows vertex ComponentCategory.ThirdPartyPartner`

### PermissionConstraint

This constraint ensures that data without permission is not processed within a node of the ComponentCategory UserHomeDevice.

`PermissionConstraint: data Purpose.NoPermission neverFlows vertex ComponentCategory.UserHomeDevice`
## Violations

- User data marked for Storage flows to a Third-Party Partner, which violates the StorageConstraint.
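To make the `neverFlows` semantics concrete, here is an added Python example (not code from the paper's tooling or from this example bundle) that evaluates both constraints above against a small constructed stand-in for the diagram. The node names, the flow set and the per-flow, non-propagating check are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    purposes: frozenset  # Purpose labels on the data this flow carries

@dataclass(frozen=True)
class NeverFlows:
    name: str
    purpose: str    # the Purpose label that must not arrive ...
    category: str   # ... at a node carrying this ComponentCategory

# Constructed node -> ComponentCategory map (toy graph, not the real model's node set).
CATEGORIES = {
    "AppStore": "AppStore", "Phone": "UserPhone", "Speaker": "UserHomeDevice",
    "Provider": "Provider", "MusicStore": "MusicStore", "Partner": "ThirdPartyPartner",
}

# Constructed flows loosely following the extensive description above.
FLOWS = [
    Flow("AppStore", "Phone", frozenset({"Install"})),
    Flow("Phone", "Provider", frozenset({"Login"})),
    Flow("Speaker", "Provider", frozenset({"VoiceProcessing"})),
    Flow("Provider", "Speaker", frozenset({"CMDProcessing"})),
    Flow("Speaker", "MusicStore", frozenset({"TriggerMusicStore", "Streaming"})),
    Flow("Provider", "Partner", frozenset({"Marketing", "Storage"})),
]

# The two constraints from this page, in their `data X neverFlows vertex Y` form.
CONSTRAINTS = [
    NeverFlows("StorageConstraint", "Storage", "ThirdPartyPartner"),
    NeverFlows("PermissionConstraint", "NoPermission", "UserHomeDevice"),
]

def find_violations(flows, categories, constraints):
    """Return (constraint, src, dst) for each flow carrying the forbidden purpose into a
    node of the forbidden category (per-flow check, no label propagation: an assumption)."""
    found = []
    for c in constraints:
        for f in flows:
            if c.purpose in f.purposes and categories[f.dst] == c.category:
                found.append((c.name, f.src, f.dst))
    return found

if __name__ == "__main__":
    for name, src, dst in find_violations(FLOWS, CATEGORIES, CONSTRAINTS):
        print(f"{name} violated: data from {src} reaches {dst}")
```

Running it reports only the StorageConstraint violation on the Provider to Partner flow, matching the violation listed above; the PermissionConstraint holds because no constructed flow carries NoPermission into the Speaker.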
