User Managed Access
SpeakerRoland Hedberg
TrackTrack 2 -- Lecture Hall IV on the Main Floor
SessionIdentity & Federation
DescriptionMore and more individuals have information on online services. The norm so far has been that that such information is public, open to anyone to view/use. Eventually this has to change, people will start realizing that public access to all publish information is not in the individuals best interest.
Information that once was thought just fun to publish might a couple of years down the line have a negative impact on the future of a person.
Therefore individuals must be able to control who (other persons as well as other services) can do what with what. And to do this in a standardized way that many, if not all, services can support.
To that end a working group was created a number of years ago by the Kantara Initiative (http://kantarainitiative.org) to try to:
”develop a set of draft specifications that enable an individual to control the authorization of data sharing and service access made between online services on the individual's behalf, and to facilitate the development of interoperable implementation of these specifications by others.”
The name of the working group is User-Managed Access (UMA).
In this talk I will present a couple of proof-of-concept implementations that I have been working on:
- Allowing individuals to control the attribute release policy of a SAML2 Identity Provider.
- Allowing individuals to control the access to JSON resources in a simple web server adhering to Paul Bryant’s Internet draftand possibly, dependent on progress.
- UMAfying the Health IT Record Location Service (Data Aggregation) use case.
Information that once was thought just fun to publish might a couple of years down the line have a negative impact on the future of a person.
Therefore individuals must be able to control who (other persons as well as other services) can do what with what. And to do this in a standardized way that many, if not all, services can support.
To that end a working group was created a number of years ago by the Kantara Initiative (http://kantarainitiative.org) to try to:
”develop a set of draft specifications that enable an individual to control the authorization of data sharing and service access made between online services on the individual's behalf, and to facilitate the development of interoperable implementation of these specifications by others.”
The name of the working group is User-Managed Access (UMA).
In this talk I will present a couple of proof-of-concept implementations that I have been working on:
- Allowing individuals to control the attribute release policy of a SAML2 Identity Provider.
- Allowing individuals to control the access to JSON resources in a simple web server adhering to Paul Bryant’s Internet draftand possibly, dependent on progress.
- UMAfying the Health IT Record Location Service (Data Aggregation) use case.
Presentation documents
All talks
- Introducing 100G Transmission & OTN in the Nordics
- "UH-sky" - A Community Cloud for the Norwegian Research and Education Community
- A Green ICT Maturity Model for Higher Education.
- Automatic Provisioning of Networking Resources in Foreign Domain
- Bring-your-own-device Exam System for Campuses
- Building a Distributed Cloud Storage System for Researchers is Not as Hard as You Think....Or is it?
- COmanage: Identity Management and Collaboration Services for Virtual Organizations
- Censoring Other People's Metadata
- Challenges and Opportunities Building a Wireless Campus Network
- Cloud-storage with Box.com on a Nordic Level - From Tenders to Implemented Services
- Cognitive OTP - Novel Technique to Establish Identity of a Person (Human) in Cyber Space
- Data Analysis as a Service
- Data Driven Wind Business
- Data Practices in the Solid Earth Science: An Example from Seismological Community
- Deploying Standards-based, Multi-domain Bandwidth-on-Demand Services
- Digital Assessment with Students' Own Device: Challenges and Solutions
- Digital Assessments, on Campus and Networks
- ERAI - EUNIS Research and Analysis Initiative
- Enlighten Your Research Global: An International Competition to Support Global Scientific Collaboration
- European Rosetta Mission to Comet 67P - A Challenge for Virtual Observatory Approach
- Fostering Aggregated Public Sector Procurement on a European Scale – The Legislation and Practical Application
- From NSI Demonstrations to Production Services: The NSI-CONTEST Conformance Test Suite
- Future Network Architectures
- GÉANT, Other e-Infrastructures and the Future Internet – Driving European Innovation
- GÉANT2020 - Towards the European Communications Commons
- How to Build Trust on the Internet
- How to Succeed in ISO 27001 Information Security Certification
- Hybrid Clouds and Open Source Technologies as Key to Competitive Differentiation
- Innovation Platform 2.0
- Invitation to NDN2016
- Large-scale Campus Wireless Networks: Development, Opportunities and Strategy
- Layer 1 Encryption in WDM Transport Systems
- MOOC as Disruptive Innovation
- Making Mobile Data Consumption Affordable for Higher Education Students in Netherlands, Portugal, Spain and Sweden.
- Managing Audio-Visual Cultural Data
- Managing Big Multidimensional Data - For Energy And Beyond
- Methods for Improving Multimedia Streaming Throughput to Mobile Nodes in Heterogeneous Wireless Environments
- Multi-Domain VPN, a New Network Service in Europe
- Nordic Collaboration on e-Infrastructures: Challenges and Opportunities
- Numbering All the Bones
- OPEX Savings Based on Energy Efficient Strategies in NREN Core Optical Networks
- Open Cloud Service Hubs
- Organising a Customer Survey - Case Funet
- Packet-Optical and SDN Evolution for Transport Agility
- Panel of Nordic NREN CEOs
- Panel of Video Experts
- People in Glass Houses Shouldn't Throw Stones
- SUNET eduID - An Open IdP for Higher Education in Sweden
- Secure Cloud Management
- Secure Data Storage and Sync Despite the Heartbleeds and Snowdens
- Shared Lecture Capture Services in Norwegian Higher Education
- Standing on Giants: The Relationship between Research Infrastructures with e-Infrastructures
- The Danish National Strategy on Data Management
- The Global Context for 2020
- The Missing Link - Obstacles to Global Integration
- UNINETT CBP activities
- UNINETT Feide Connect
- UNINETT's Network Monitoring Toolkit
- User Managed Access
- Using Commodity Hardware for Large Scale 10Gbps Passive Monitoring
- Videoconferencing Without the Worry - An NREN Service
- Web-RTC: A Proposed Roadmap for Higher Education & Research
- Welcome from SUNET
- Welcome to Uppsala University
- cryptech.is