Consideration on UMA Trust Model
UMA trust model can be showed through the tree phases of the entire process:
- Subject Registration, which is referring for creating trust relationships between the Subject towards AM, and Subject towards Host, and vice versa.
- Host Introduction, which is referring for establishing trust relationship between Host and AM, brokered by the Subject, in order to allow Host to delegate authorization decision to AM during the data sharing process.
- Data Sharing constellations, which is referring for delegating a third-party (Requesting Party) to access web resource.
The first two phases can be consolidated in a unique and fundamental element that we call Bootstrapping Trust.
Trustworthiness Factors
Through UMA, which is an user centric Identity management system, a Subject is able to control what information will be revealed for what purpose with which parties. Based on these elements, the following table describes the main factors that we consider relevant to measure the level of trustworthiness for each party involved in the protocol:
items |
Factors |
Description |
Quantitative |
Qualitative |
Typology |
|---|---|---|---|---|---|
TF1 |
Level of Assurance |
|
1-4 |
- |
Technical and |
TF2 |
Privacy Impact |
|
Low=0, Medium=1, |
yes |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|