Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »

Scenario: Controlling Two-Way Sharing of Location Information (Pending)

Submitted by: Eve Maler

Actors

  • User who chooses to set their current location through an application
  • Authorization Manager that orchestrates which location applications can write to and read from other applications
  • Applications that are Hosts of location information (some of which are also Requesters)
  • Applications that are Requesters of location information (some of which are also Hosts)

Short Description

Today's location services such as FireEagle, BrightKite, and Dopplr let you set your location within any one of several applications, and then use OAuth-enabled connections to propagate that information through other such services. Since location information can be privacy-sensitive, and since people can end up "chaining" services this way, it's especially important for a person to know and control where this information is flowing to. In this scenario, a user of FireEagle, Dopplr, and BrightKite wants to connect them all up to be able to read and write her location to all of them, and she wants to get a global view through her authorization manager of who's allowed to do what and change permissions in a coordinated way.

Dimensions

Nature of protected resource

API endpoint. For example, see the FireEagle developer documentation. The resource being protected is a single endpoint URL, with different options and parameters possible for using it. The possible scopes in today's location services tend to include (a) whether the requesting app (client) can write the user's location, and (b) to what degree the client can read the user's location. For example, see the FireEagle scope permissions documentation; the location-reading options include: no read access, as precise as possible, postal code level, neighborhood level, town level, regional level, state level, and country level.

Sharing models

Current OAuth-protected usage of location services such as FireEagle and BrightKite assumes a person-to-self sharing model, where Alice has login accounts at the various host and requester apps, and wants to instruct them to share her location among themselves on her own behalf; an UMA-enabled version of this would allow her to control such sharing centrally at her AM.

Nature of policies and claims

For person-to-self sharing, a typical policy might require the requesting party to be able to authenticate as Alice directly at the AM (that is, dictating a particular Step 2 web-server flow that uses normal OAuth user authentication), or might require a claim that it is an authenticated Alice asking for forge the connection.

Cardinality

This scenario is 1:1. There is no need to aggregate multiple resources from multiple hosts, for example.

Colocation

The same app might both read and write location data (by using different methods with the same API endpoint), which allows a requester app to write data to a host while still technically remaining a request. With today's OAuth-enabled location services, the location services also seem to be relatively "peer"-ish, in that they each have application galleries that support any one of them serving as an initial host. So it could be said that the same app might be a host for some users and a requester for others, and/or might be set up as both a host and a requester for the same user's location; however, the latter may be very confusing given current OAuth realities.

Host-AM relationship

Today's OAuth-enabled apps require static introduction and configuration, but the light weight and low security of these Web 2.0 services suggest that dynamic introduction is a possibility as long as the location API is well-known/standardized.

Protected resource discovery

Today's OAuth-enabled apps advertise this location in the process of static introduction and configuration, but with a well-known/standardized location API, it seems possible that a location service host could advertise its endpoint through dynamic means such hostmeta/XRD.

Scope Detail

Below is a screenshot showing that FireEagle and Dopplr have the capability today to have two-way location information flow. Our user wants to be able to see this "combinatorily", for all location services and indeed for all such services on the web that she chooses to use for hosting any data or content.

  • No labels