Versions Compared

Old Version 4

changes.mady.by.user Eve Maler

Saved on

compared with

New Version 5

changes.mady.by.user Eve Maler

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Privacy by Design Implications of UMA

 It is useful to examine how User-Managed Access (UMA) relates to the seven foundational principles of Privacy by Design (PbD). In this document we provide an analysis of each principle, and a companion analysis of how UMA and UMA-enabled solutions can support the principle.

...

UMA enables an authorization server to offer a variety of data sharing controls to users, centralizing these controls so that access blocking can easily be applied across any number of resource servers. In most such applications, we anticipate that global preferences such as "block all sharing unless I say otherwise" or "make all sharing public unless I say otherwise" will be available. The UMA-enabled service SmartAM.net does, in fact, block sharing by default. While the UMA protocol itself does not require an authorization server to block sharing by default, a number of environmental factors could contribute to making this option widely available. For example, a requirement to offer this option can be captured in a trust framework agreement that governs a personal cloud or healthcare access federation.

...