This falls under my favorite use-case for UMA because it calls for Alice to run her own UMA AS. That UMA AS can use as much context as it wants in making authorization decisions and UMA would work just fine.

In the past, I have made a similar argument using the door lock to the downstairs of Alice's apartment as the RS instead of the camera. Alice's mom seeks entry using her smartphone as a client and needs to get a token for the apartment lock from Alice's AS. (The camera that looks at Alice's mom when she requests entry would be a shared resource owned by the building, just like the downstairs lock.)

My point is simply that every Alice has to be able to specify her own AS as a means of hiding her policies behind the UMA protocol. How the AS decides to calculate on her policies is completely out of band from UMA.

This is also core to our #wideeco work item.

Adrian

On Friday, June 10, 2016, Mohammad Chowdhury <mjchowdhury@swin.edu.au> wrote:

Dear All,

I am new to this group and spare me if I am asking a dumb question.

I am wondering, Is there any way in UMA to capture the dynamic context of the resource owner to provide context-aware authorization?

I have the following use case,

“Alice’s mom will get access to online CC camera hosted in Alice’s apartment, Only if Alice is out of her apartment “

I know XACML is used to capture the context of the Requester (e.g., subject of XACML, in this case Alice’s Mom).

But I do not know is there any mechanism in XACML to capture the dynamic context (in our case, context is location) of the resource owner (in this case, Alice ) for authorization decision.

Can anyone advise me on this ?

Any comment will be appreciated.

Kind regards,
Jabed

Adrian Gropper MD

PROTECT YOUR FUTURE - RESTORE Health Privacy!
HELP us fight for the right to control personal health data.
DONATE: http://patientprivacyrights.org/donate-2/