UMA Explained
User-Managed Access (UMA) involves these entities:
...
Following is a condensed summary of the draft UMA protocol:
And here are swimlane diagrams showing step 1...
step 2...
and step 3 of the protocol:
For example, a web user (authorizing user) can authorize a web app (requester) to gain one-time or ongoing access to a resource containing his home address stored at a "personal data store" service (host), by telling the host to act on access decisions made by his authorization decision-making service (authorization manager).
See the following sections for suggested reading. Be sure to read the documents in the Working Drafts area of this wiki for the official definition of UMA.
...
- Flash file
- WMV file (for PC users only)
- ARF file (WebEx download - players for PC & Mac)
- mp3 file
- Overview slide deck (version with no builds, suitable for printing, here)
- Protocol deep-dive slide deck with swimlane diagrams (now out of date; stay tuned for updates)
- Wireframes illustrating how a simplified CV-sharing scenario might work
...
General Interest
- A half-hour Identity Matters podcast was recorded on 20 Jan 2010, explaining how the UMA group operates in the Kantara context.
- The overview slides (slides without builds, audio, Flash, WMV for PC users, ARF file requiring PC WebEx player or Mac WebEx player) from the webinar held on 29 Jan 2010 explain the problem UMA is trying to solve and the general shape of the solution, including a walkthrough of a simplified scenario.
- The User Experience page collects wireframes exploring user interactions with UMA-enabled services. This includes a set of wireframes that matches the webinar scenario.
- We have a working lexicon that explores the relationship between the party who authorizes access and the party who ultimately gets access. Lawyerly types might be especially interested in this.
- Group chair Eve Maler writes about UMA and its predecessor, ProtectServe, here.
- Some historical materials (may be out of date) explaining the original thinking behind UMA and its predecessor, ProtectServe, are available.
Implementers and Deployers
Following is a condensed summary of the draft UMA protocol:
See also the following:
- The Protocol Flow page has swimlane diagrams that show the core protocol at a high level.
- Writings by our implementation coordinator Maciej Machulak are at his site.