Attending: Eve, Andrew, Jon, Adrian,
Randy, Dazza, Tom, Mark, Jeff
Analyze new (positive and negative) use cases sent to the list
- Is this list complete enough to be going on with, for our purposes?
- Do we need to capture use cases for different “topologies” (deployment ecosystems) too?
- What would “structuring the transaction” look like in terms of accomplishing our mission?
- How would consent receipts/logging/auditing come into play?
Dazza can sweep questions and answers into the
wiki. The idea with the “roles” page is
also to capture term definitions. “Principal” is often
used in the law for an individual person. There’s also
“Agent” and “Third Party”, to complete the triangle. So
perhaps we can leverage “Principal” when we talk about
any one use case — if we focus on Alice, is she the
principal? or is, say, someone else the principal in
this use case?
Does UMA allow RqPs to connect to the data
of ROs “by reference”? No; RqPs (and their client
applications) really do “get” the data. Adrian wants
to stress that UMA differs from traditional PHR
models, however. In contrast to shrinkwrapped licenses,
consent directive models, and any static prior-consent
model, UMA enables fine-grained revocation,
adjustment, remediation, and transactional
authorization of data access.
The value proposition, as Adrian sees it,
to putting this type of system in place, is that
breaches would be detected instantly rather than in
many months. (This is interesting but off-topic; can
Adrian write this up for further consideration?)
Consent vs. Authorization - should we
see a distinction here? There are definitions of
consent in various laws.
User Control vs. User Management - let’s
suss this out too. Does this come out of 29100?
Let’s just collect use cases and note their
potential applicability to the terms.
Is the use case where Alice runs her own
RS interesting to us? Adrian believes it’s not
particularly interesting (personal clouds/data
stores aside). His interest runs to a personally run
AS. Let’s take a use case with that assumption and
work it through. Eve believes we also need to run
through an institutionally run AS. Where would the
consent receipts get sent? They would kind of go to
the same place that they’re generated. Is that a
problem?
This seems to be our first “minimal
pair” of use cases. If we assume Alice is the
principal, that’s our perspective. What vertical (if
any) should we pick? Healthcare has the danger of
being not very cross-jurisdictional. Could we pick
something like students and schools, which has
privacy concerns (in the US it would be FERPA), or
merchant and consumer transactions (which have trade
and sale-of-goods laws)?
As an aside, Eve notes that the UMA
authorization framework could actually be used as a
payment framework. “Claims” demanded for access
could be something like a receipt proving payment.
Dazza mentions US’s FCRA coming into play in that
case. And then the FIPPs come in.
Adrian’s concern about schools is that
they tend to use identity federations, which he
doesn’t want to put into play. Could we avoid that
element in putting together our use cases? Eve’s
point about “topologies” above was about how many
"access federation" parties are in the picture, and
we have been talking about that so far — but can we
just leave the equivalent identity federation
topologies aside?
AI: Dazza and Eve: Coordinate on
producing 2 or 3 candidate distinctive use cases
that flesh out the AS possibilities,
non-vertical-specific and
identity-federation-agnostic.
Eve Maler | cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl | Calendar: xmlgrrl@gmail.com