user-managed access eve maler, uma work group chair @xmlgrrl | @umawg | tinyurl.com/umawg 9 december...
TRANSCRIPT
![Page 1: User-Managed Access Eve Maler, UMA Work Group chair @xmlgrrl | @UMAWG | tinyurl.com/umawg 9 December 2012 1](https://reader035.vdocument.in/reader035/viewer/2022070416/5697c0231a28abf838cd3db1/html5/thumbnails/1.jpg)
User-Managed AccessEve Maler, UMA Work Group chair
@xmlgrrl | @UMAWG | tinyurl.com/umawg9 December 2012
1
![Page 2: User-Managed Access Eve Maler, UMA Work Group chair @xmlgrrl | @UMAWG | tinyurl.com/umawg 9 December 2012 1](https://reader035.vdocument.in/reader035/viewer/2022070416/5697c0231a28abf838cd3db1/html5/thumbnails/2.jpg)
The “data price” for online service
is too high: typing…
• Provisioning by hand
• Provisioning by value
• Oversharing• Lying!
2
![Page 3: User-Managed Access Eve Maler, UMA Work Group chair @xmlgrrl | @UMAWG | tinyurl.com/umawg 9 December 2012 1](https://reader035.vdocument.in/reader035/viewer/2022070416/5697c0231a28abf838cd3db1/html5/thumbnails/3.jpg)
The “data price” for online service
is too high: connecting…
• Meaningless consent to unfavorable terms
• Painful, inconsistent, and messy access management
• Oversharing of lots of real information
3
![Page 4: User-Managed Access Eve Maler, UMA Work Group chair @xmlgrrl | @UMAWG | tinyurl.com/umawg 9 December 2012 1](https://reader035.vdocument.in/reader035/viewer/2022070416/5697c0231a28abf838cd3db1/html5/thumbnails/4.jpg)
The “data price” for online service
is too high: private URLs…
• Handy but insecure
• Unsuitable for really sensitive data
4
![Page 5: User-Managed Access Eve Maler, UMA Work Group chair @xmlgrrl | @UMAWG | tinyurl.com/umawg 9 December 2012 1](https://reader035.vdocument.in/reader035/viewer/2022070416/5697c0231a28abf838cd3db1/html5/thumbnails/5.jpg)
Privacy is about context, control, choice and respect – so UMA
enables a “digital footprint control console”
• Web 2.0 access controlis inconsistent and unsophisticated
• To share with others, you have to list them literally
• You have to keep rebuilding your “circles” in new apps
• You can’t advertise content without giving it away
• You can’t get a global view of who accessed what
• You can unify access control under a single app
• Your access policies can test for claims like “over 18”
• You can reuse the same policies with multiple sites
• You can control access to stuff with public URLs
• You can manage and revoke access from one place 5
![Page 6: User-Managed Access Eve Maler, UMA Work Group chair @xmlgrrl | @UMAWG | tinyurl.com/umawg 9 December 2012 1](https://reader035.vdocument.in/reader035/viewer/2022070416/5697c0231a28abf838cd3db1/html5/thumbnails/6.jpg)
UMA turns online sharing into a privacy-by-design solution
I want to share this stuff selectively!•Among my own apps•With family and friends•With organizations
I want to share this stuff selectively!•Among my own apps•With family and friends•With organizations
I want to protect this stuff from being seen by everyone in the world!
I want to protect this stuff from being seen by everyone in the world!
HistoricalMunicipalFinancialVocationalArtisticSocialGeolocationComputationalGenealogicalBiologicalLegal...
HistoricalMunicipalFinancialVocationalArtisticSocialGeolocationComputationalGenealogicalBiologicalLegal...
6
![Page 7: User-Managed Access Eve Maler, UMA Work Group chair @xmlgrrl | @UMAWG | tinyurl.com/umawg 9 December 2012 1](https://reader035.vdocument.in/reader035/viewer/2022070416/5697c0231a28abf838cd3db1/html5/thumbnails/7.jpg)
Problem scenario:student transcript sharing
Bob
7
![Page 8: User-Managed Access Eve Maler, UMA Work Group chair @xmlgrrl | @UMAWG | tinyurl.com/umawg 9 December 2012 1](https://reader035.vdocument.in/reader035/viewer/2022070416/5697c0231a28abf838cd3db1/html5/thumbnails/8.jpg)
Improvements with UMA
Bob
8
![Page 9: User-Managed Access Eve Maler, UMA Work Group chair @xmlgrrl | @UMAWG | tinyurl.com/umawg 9 December 2012 1](https://reader035.vdocument.in/reader035/viewer/2022070416/5697c0231a28abf838cd3db1/html5/thumbnails/9.jpg)
Use case: patient-centrichealth record access
9
![Page 10: User-Managed Access Eve Maler, UMA Work Group chair @xmlgrrl | @UMAWG | tinyurl.com/umawg 9 December 2012 1](https://reader035.vdocument.in/reader035/viewer/2022070416/5697c0231a28abf838cd3db1/html5/thumbnails/10.jpg)
Use case: subscribing to information in a friend’s
personal cloud
10
![Page 11: User-Managed Access Eve Maler, UMA Work Group chair @xmlgrrl | @UMAWG | tinyurl.com/umawg 9 December 2012 1](https://reader035.vdocument.in/reader035/viewer/2022070416/5697c0231a28abf838cd3db1/html5/thumbnails/11.jpg)
UMA status• Web protocol is at near-complete “rough
consensus and running code” phase –join us!
• Builds on OAuth and OpenID Connect• Additional active liaisons with several
NSTIC projects• Several independent implementations,
including 3+ open-source projects• Beta deployment at Newcastle University
imminently• Wide variety of case studies being
published11
![Page 12: User-Managed Access Eve Maler, UMA Work Group chair @xmlgrrl | @UMAWG | tinyurl.com/umawg 9 December 2012 1](https://reader035.vdocument.in/reader035/viewer/2022070416/5697c0231a28abf838cd3db1/html5/thumbnails/12.jpg)
Questions?Thank you
@xmlgrrl | @UMAWG | tinyurl.com/umawg9 December 2012
12