User-Managed Access: The BLT Sandwich – Business, Legal, Technical – Use Cases Mappings
Tuesday 4D 1I
Convener: Eve Maler
Notes-taker(s): Scott Fehrman
Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:
The UMA work has business, legal, and technical aspects. That's what the "BLT sandwich" (business, legal, technical use cases mapping) is about. In this session:
- We reviewed how UMA works in light of OAuth and OpenID Connect (for more, see the UMA Introduction session notes).
- We presented the new draft formal model of UMA-related legal parties, such as Data Subject Agent and Authorization Server Operator, and the way they can delegate and license abilities and rights to other such parties — we plan for this to drive boilerplate legal text that would be available through CommonAccord.org.
- We discussed real-life scenarios such as when mother Alice manages who gets access to newborn Johnny’s medical records and then he goes through different life stages.
- The goal is to improve liability apportionment and individual empowerment through auditability and possibly even tools like smart contracts.
- This slide deck was presented.
Quick overview ...
- OAuth is for constrained delegation to apps … the OAuth “dance”
- OpenID Connect does modern-day federation
  - OAuth-protected identity API, plus a bit more
- User-Managed Access is for cross-party sharing
  - Next-gen delegation and consent to OAuth
Organizations have Resource Servers and want them to be sharable
Multiple resource servers can use a single authorization server
It’s now about Alice to Bob sharing
Think about Google Docs:
- set up what you want to share
- control who actually has access
- revoke access
Use Case: Origo … implemented UMA 1.0, UK pensions dashboard (for more information, see this white paper, website, article, and video)
- Discover all the pension accounts
- Alice to Alice sharing, initially, pension dashboard client
- One Authorization Server
- Multiple Resource Servers
- Alice can share with financial advisors … the Requesting Party
- Selects what to share with whom
Recently published, draft report, UMA 2 Proposed licensing model (see also the new draft report) … Legal role definitions
Giving access can come with some usage constraints
Starting with legal relationship model
Common Accord model
UMA capabilities … align well to a "next-gen" permission taxonomy (for more info, see this talk):
- Modes
  - Directed, Reactive, Long-Term
- Methods
  - Concrete, Abstract
- Controls
  - Scope, grantee, environment, usage (constraints can only be legally enforceable), downstream (constraints can only be legally enforceable unless resource owner and requesting party share an AS)
Attempt at a formal legal model … legal relationships:
- Persons
- Delegation and licensing
- Devices and artifacts
Scenario: Parent-child resource management
- Stage One: Mother and newborn child, offline
- Stage Two: Child old enough to use on-line services
- Stage Three: Child no longer needs legal guardian (age related to resources)
Need for more Identity Relationship Management capabilities
Digital death … who has control of on-line data after biological death