UMA Demo
From IIW
Session Topic: UMA Demo
Thursday 1D
Convener: Maciej
Notes-taker: Matt Berry
Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:
http://www.cloudidentity.co.uk/services/user-managed-access
- Demo of UMA where B accesses A’s data for Job Application
- RS sends data’s identifiers to AZ
- RS pulls access control policies from AM
- Job site (RS) can discover data from PDS RS
- Receivers can request access to data asynchronously from the data owner using RS
- RS/AZ own process of notifying data owner about pending requests
- Does UMA support conditional policies?
  - No: language doesn’t natively support it
  - Yes: scopes can be used to fake it, e.g. “read”, “read-if-ip-in-range-192.168.0.0/32”
- Does UMA support policies about data that doesn’t yet exist?
  - No
  - Drafts around Policies written for “types” of data are in progress
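
The scope workaround noted above, as an added example that is not from the session or the demo: a resource-server-side check that interprets the condition encoded in a scope name. The function names, and the assumption that the RS (not the AM) evaluates the condition against the connection's source address, are hypothetical.

```python
import ipaddress

# Scope naming convention taken from the notes above; the parsing rules are an assumption.
PREFIX = "read-if-ip-in-range-"


def scope_allows_read(scope, client_ip):
    """Return True if this single granted scope permits a read from client_ip."""
    if scope == "read":
        return True  # unconditional read
    if not scope.startswith(PREFIX):
        return False  # unknown scope: deny rather than guess
    try:
        # strict=True rejects ranges with host bits set (e.g. 192.168.0.5/24),
        # so a malformed scope fails closed instead of being silently widened.
        network = ipaddress.ip_network(scope[len(PREFIX):], strict=True)
        address = ipaddress.ip_address(client_ip)
    except ValueError:
        return False
    # An IPv4 address is never "in" an IPv6 network and vice versa.
    return address in network


def authorize_read(granted_scopes, client_ip):
    """Allow the read if any scope granted on the token permits it.

    client_ip must be the peer address the RS observed on the connection,
    not a value taken from a request header the client controls.
    """
    return any(scope_allows_read(s, client_ip) for s in granted_scopes)


if __name__ == "__main__":
    # Constructed sample input: (granted scopes, observed client address)
    samples = [
        (["read"], "10.0.0.1"),
        (["read-if-ip-in-range-192.168.0.0/32"], "192.168.0.0"),
        (["read-if-ip-in-range-192.168.0.0/32"], "192.168.0.1"),
        (["read-if-ip-in-range-192.168.0.5/24"], "192.168.0.5"),
    ]
    for scopes, ip in samples:
        print(scopes, ip, "->", "allow" if authorize_read(scopes, ip) else "deny")
```

A /32 range matches exactly one address, so the scope quoted in the notes admits only 192.168.0.0.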