Consent Management using User Managed Access (UMA) protocol
Date: Wednesday, February 19, 2014
Time: 4:00 PM to 5:00 PM Note: all times are in the Eastern Time Zone
Host: CSAIL Security Seminar
Contact: Frank Wang, firstname.lastname@example.org
Speaker URL: None
TALK: Consent Management using User Managed Access (UMA) protocol
The mission of the MIT-KIT is to develop software components for equitable access to personal data. In the MIT OpenPDS model, each individual has one or more personal data store (PDS). Access to the data in the PDS requires the express consent of the owner of the PDS. In this presentation we discuss the OAuth2.0 authorization framework (RFC6749) as the basis for a consent-management protocol called UMA (User Managed Access). UMA also integrates and builds upon the OpenID-Connect protocol (OIDC) used for identity management and Single-Sign-On (SSO) over RESTful Web-APIs.
Thomas Hardjono is the technical lead and executive director of the MIT Kerberos & Internet Trust Consortium at MIT in Cambridge, MA. He is active in a number of technical communities and standards organizations, including the IETF, IEEE, TCG, Oasis and Kantara. In the IETF Thomas was chair of the Multicast Security (MSEC) working group and the Group Security Research Group. He is an author of RFC 3740 and RFC 3547. Thomas was also co-chair of the TCG Infrastructure Working Group. He is author and editor of a number of TCG specifications focusing on the security infrastructure supporting the TPM hardware. Currently he is co-chair of the Security Services TC (SSTC) in Oasis (home of the SAML2.0 standard), and active contributor to the UMA WG in the Kantara Initiative. Thomas is the MIT representative to the NSTIC Identity Ecosystem Steering Group (IDESG).
Created by Frank Wang at Tuesday, February 11, 2014 at 10:40 AM.