Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Current »

UMA telecon 2013-11-07

Date and Time

Agenda

  • Reminder about the meeting schedule in the rest of 2013
  • Field interop feature test issues
  • AS=C use case discussion (most recent previous notes) – any conclusions yet?
  • Healthcare IT record location service use case discussion (if Adrian joins and we have time)
  • Final half-hour: Oshani Seneviratne presentation (see details below)
  • AOB

Minutes

Meeting schedule

tbs

Interop test issues

tbs

AS=C discussion

tbs

Oshani presentation: Discussion on Decentralized Provenance Management for UMA

Abstract: Increasingly there are many privacy breaches on the web that result due to unforeseen data disclosures. It has been suggested by Weitzner et al, among many others, that supplementing access control with information transparency and accountability is one way to mitigate privacy breaches. I will describe a framework that makes transparency a first class citizen on the web, enabling a user to see who, what, why, when and where her sensitive information has been used. This framework is powered by 'decentralized provenance', where an open global trusted network of peer servers participate to keep track of provenance information related to sensitive data usages and disclosures. These records are tamper-evident and provide non-repudiable evidence of actions by various entities on the data. A reference implementation of this framework on electronic healthcare records is available at http://www.transparent-health.us.

The UMA protocol can be extended with this framework, where at each points of control for authorizing who can get access to identity attributes, content, and services can be recorded, and made available to the user after the fact. This framework can also make provisions for 'break glass' scenarios where even unauthorized parties may obtain legitimate accesses to personal data, but leave a trail behind so that the user knows that her privacy has not been breached (for e.g. an emergency room doctor accessing sensitive health data of an unconscious patient). This work is presumed to operate under a legal trust framework, and can be used to prove compliance of actions against policies defined using UMA.

Bio: Oshani Seneviratne is a PhD Candidate at MIT advised by Tim Berners-Lee. Her primary research interest is on transparency, accountability and privacy on the Web. She is also currently actively involved in research projects on disaster management, linked data visualizations, and the MIT app inventor. She has previously taught courses on mobile application development in Kenya, Sri Lanka, and the Philippines through the MIT Accelerating Information Technology Innovation program.

Attendees

  • tbs

Next Meetings

  • No meeting Thu Nov 14
  • All-hands meeting Thu Nov 21 8:30-10am PT (time chart) - we'll discuss resource/scope management and SAML/UMA attribute release with Roland
  • No meeting Thu Nov 28 (US Thanksgiving holiday)
  • No meeting Thu Dec 5
  • Focus meeting Thu Dec 12 8:30-10am PT (time chart)
  • All-hands meeting Thu Dec 19 8:30-10am PT (time chart)
  • No meeting Thu Dec 26 (holidays)
  • Focus meeting Thu Jan 2 8:30-10am PT (time chart)

 

  • No labels