Achieving Scalable Access Control and Privacy Protection With User-Managed Access
With so much data online, absolute secrecy of private or confidential information is impractical because, often enough, you must share it for good reason, such as disclosing your income to your tax accountant or sharing your health information with your insurance and potentially with different doctors. In addition to software safeguards, ensuring that proprietary information is delivered only into the right hands at the right time requires preplanning and tool support.
As part of its OpenUMA project, ForgeRock is implementing the User-Managed Access specification. UMA is a profile of OAuth that offers standardized, modern Web APIs, resolving many issues in authorization, privacy, and consented sharing. Most important, UMA facilitates optimum user control, a key requirement in privacy protection.