

UMA - An Open Standard for Consent-Driven Personal Data Sharing

  • 1. An Open Standard for Consent-Driven Personal Data Sharing. Chris Adriaensen, Senior Customer Engineer, chris.adriaensen@forgerock.com, @chrisadriaensen | @ForgeRock. © 2016 ForgeRock. All rights reserved. © 2017 ForgeRock. All rights reserved.
  • 2. Privacy Drivers & Features: BUSINESS DRIVERS; TECHNOLOGY FEATURES; PRIVACY; Transparency; Visualization of Personal Data; Smart Things; Explosion of Personal Data; Customer Relationship Management; Consent; Access of Personal Data; Regulation; Government & Industry Bodies
  • 3. Privacy Approaches: FEATURE; Manual; TRANSPARENCY; Request; Implicit; CONSENT; ACCESS; SHARING DATA
  • 4. Privacy Architecture: Requesting Party; Clients; Resources Access; Resource Owner; User Interface (GUI / PUI); Application Interface (REST / SOAP); User Interface (GUI / PUI); Application
  • 5. Privacy Challenge: Resource Owner; User Interface (GUI / PUI); Requesting Party; Clients; Resources Access; User Interface (GUI / PUI); Application Interface (REST / SOAP); Application (diagram labels: ?, ID)
  • 6. Transparency Identity Solution: Requesting Party; User Interface (GUI / PUI); Resource Owner; User Interface (GUI / PUI); Clients; Resources Access; Application Interface (REST / SOAP); Application (diagram labels: ID, Identity)
  • 7. Consent Access Solution: Requesting Party; User Interface (GUI / PUI); Resource Owner; User Interface (GUI / PUI); Clients; Resources Access; Application Interface (REST / SOAP); Application (diagram labels: ID, Access, Identity)
  • 8. Privacy Approaches: FEATURE; Manual; TRANSPARENCY; Request; Implicit; CONSENT; Strategy; Explicit; APIs; SSH, LDAP, SQL, SOAP & REST; Automated; SOAP & REST; ACCESS; SHARING DATA; Portal
  • 9. Open Standards: CONSUMER; ENTERPRISE; OASIS; IETF, OIDF & KANTARA; OIDC Identity Federation; UMA Access Federation; OAuth Access; Control; Consent; Security; Scalability; Browser Client; Generic Client; Stateful Design; Stateless Design; XML / SOAP; JSON / REST; JWT Identity; 2000+; 2010+; SAML Identity Federation; XACML Access Federation; WS-* Access; SAML Identity
  • 10. OAuth 2.0 Standard: Resource Server; Authorization Server; Resource Owner; Client; Access; Validate; Manage; Authorize; Control; Owner-to-App Sharing; Synchronous Consent; Access Integration; Access Tokens
  • 11. User Managed Access Standard: Resource Server; Authorization Server; Requesting Party; Client; Authorize; Access; Protect; Resource Owner; Manage; Manage; Control; Negotiate; Owner-to-Party Sharing; Asynchronous Consent; Access Federation; Access Tokens
  • 12. Consent Standards: Requesting Party; Clients; Resources Access; Resource Owner; User Interface (GUI / PUI); Application Interface (REST / SOAP); User Interface (GUI / PUI); Application; OAuth 2.0 Device Flow; OAuth 2.0 A/I Grant; User Managed Access; OpenID Connect
  • 13. Privacy Approaches: FEATURE; Manual; TRANSPARENCY; Request; Implicit; CONSENT; Strategy; Explicit; APIs; SSH, LDAP, SQL, SOAP & REST; Standards; SCIM, SAML & OpenID Connect; OAuth 2.0 & OpenID Connect; Automated; UMA; SOAP & REST; ACCESS; SHARING DATA; Portal
  • 14. Solution; Challenge; Health Care Platform; Smart Devices; Unified Identity Platform; Patient Security; Patient Privacy; Patient Satisfaction; Patient Consent; Identity of Things; Patient Relationships; Single Patient View. “We are now able to design innovative data-sharing and consent technologies into our HealthSuite Digital Platform that make it possible to foster consumer and patient trust.” Jeroen Tas, CEO, Healthcare Informatics Solutions & Services
  • 15. DEMO Session
  • 16. Chris Adriaensen, Senior Customer Engineer, chris.adriaensen@forgerock.com, @chrisadriaensen | @ForgeRock. End of SHOW