Consent Management using User Managed Access (UMA) protocol

Speaker: Thomas Hardjono , MIT

Date: Wednesday, February 19, 2014

Time: 4:00 PM to 5:00 PM Note: all times are in the Eastern Time Zone

Public: Yes

Location: 32-G882

Event Type:

Room Description:

Host: CSAIL Security Seminar

Contact: Frank Wang,

Relevant URL:

Speaker URL: None

Speaker Photo:

Reminders to:

Reminder Subject: TALK: Consent Management using User Managed Access (UMA) protocol

The mission of the MIT-KIT is to develop software components for equitable access to personal data. In the MIT OpenPDS model, each individual has one or more personal data store (PDS). Access to the data in the PDS requires the express consent of the owner of the PDS. In this presentation we discuss the OAuth2.0 authorization framework (RFC6749) as the basis for a consent-management protocol called UMA (User Managed Access). UMA also integrates and builds upon the OpenID-Connect protocol (OIDC) used for identity management and Single-Sign-On (SSO) over RESTful Web-APIs.

Thomas Hardjono is the technical lead and executive director of the MIT Kerberos & Internet Trust Consortium at MIT in Cambridge, MA. He is active in a number of technical communities and standards organizations, including the IETF, IEEE, TCG, Oasis and Kantara. In the IETF Thomas was chair of the Multicast Security (MSEC) working group and the Group Security Research Group. He is an author of RFC 3740 and RFC 3547. Thomas was also co-chair of the TCG Infrastructure Working Group. He is author and editor of a number of TCG specifications focusing on the security infrastructure supporting the TPM hardware. Currently he is co-chair of the Security Services TC (SSTC) in Oasis (home of the SAML2.0 standard), and active contributor to the UMA WG in the Kantara Initiative. Thomas is the MIT representative to the NSTIC Identity Ecosystem Steering Group (IDESG).

Research Areas:

Impact Areas:

See other events that are part of the CSAIL Security Seminar 2013/2014.

Created by Frank Wang Email at Tuesday, February 11, 2014 at 10:40 AM.