Public Blockchains AND – Private UMA) User Managed Access
Public blockchains and private UMA
Convener: Adrian Gropper
Notes-taker(s): Scott Mace
Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:
Adrian draws a stack:
- User at top
- Mobile device
- DID (decentralized distributed ID)
One model for how to create an agent is something called UMA, User Managed Access, been worked on for about 8 years.
What this agent does is when somebody like a doctor (Bob) wants to have access to something about patient Alice, the lab creates a resource, has an API. Alice might be completely anonymous or pseudonymous. Healthcare allows for that. Bob is the requesting party. The directory may or may not exist. Bob gets the idea there’s something about Alice that the lab has. The HIE is the agent. The lab could be anything that has personal information about you. As a servicer to you Alice, I’m going to register this result. Bob figures out sometime later that Alice has a test result and goes there. The resource says yeah I have a test result but I can’t give it to you. You have to go to Alice’s agent. First, Bob brings a context. This is what we’re calling the self-sovereign stack. Bob is bringing a context and bringing credentials. He will bring his medical license. And the agent will be autonomous. I will claim the most interesting aspect of the agent is in terms of AI and machine learning without it being owned by anybody. When the agent looks at the context and the credentials, the agent returns an access token to Bob. Taken by Bob’s client to the lab. The lab gives the resource to Bob’s client. Based on a theory called the object capabilities model. Can’t use access control lists to just give Bob the answer. Why the mobile? This is where the biometrics live or things that behave like the biometrics. What makes it convenient and practical for Alice as a person to control their agent and the DID. UMA lives in this layer (agent) where everything is private. Maybe running in a closet in my house. Agent is not online all the time. It can be lost. You might want to have multiple agents. It’s a practical issue, not a philosophical one.
Q: Will there be companies running agents in people’s closets?
A: We hope so. Two issues. How do we get the world to play by these rules? Not in the nature of manufacturers, service providers, even doctors to give users control. How about the design of the stack? How do we give the labs or manufacturers, drug companies, primary service providers (not data brokers) potential? Second problem, how do we make it cost effective for everybody to be able to run their agent in a self-sovereign way without having to compromise by having a data broker seeing or monetizing my data. There are two camps. Slowly the world is shifting. Two years ago, there was no blockchain and all federation. In healthcare, federation does not work and has never worked. Healthcare is provided by everything from a VA hospital to a nursing home or a doctor that’s semi-legal in a poor neighborhood. You cannot have effective federations around identity in healthcare. So what’s been happening at IIW, people are paying more attention to self-sovereign identity. It doesnt mean you can’t use federation, but it means you don’t need to use federation. Alice can decide to whitelist federated IDPs. If Bob says I don’t have any ID but I have my Gmail address. HIE of One says oh that’s fine. There are certain things I will trust Google as an identity provider to do. Sutter Health is an identity provider.
Alan H. Karp: Patients love this. My choice was doctors see my medical records or not. With a token I give the guy doing my X-ray a subset of my record.
Adrian: With standard HIEs you have either an opt-in or opt-out agreement. None of them are wildly successful. You’re basically opting in to a certain set of policies. Imagine an HIE opt-in agreement.
Alan: Think of them as your Google privacy settings.
Adrian: In the case of psych info, whether Alice has control over that info is a debatable point. Is identity what I assert, or what others say about me?
Q: As people get older they designate a health agent. They can be guardians.
Adrian: Yes I’ve oversimplified by not dealing with guardianship. Delegation with attenuation.
Alan: If Bob gets a credential from Alice to see the lab report, can he give a subscope token for someone else, like a nurse.
Q: Never made it to RFC. There’s token chaining. The more UMA approach is for Bob to redelegate rights for someone else to get a token.
Adrian: In this stack, and the protocols associated with it, the lowest level is by definition public. No one is proposing private DID systems yet. Would be a corner case. DID documents may be IPFS or in the blockchain directly. Everything above it needs to be private. One of the reasons that drives this whole philosophy is the increasing importance of machine learning and AI. The only place that has access to your policies. I don’t have to declare if I’m a Democrat or a Republican to anyone. How do we create a gig economy for physicians. Credentialing. Prescriptions. Secure transactions. Reputation. Some matching function. In general, the first two of those are handled by the standards we have today. The reputation piece is very squishy. Matchmaking is just out of scope.