The amount of personal information stored in online systems is increasing. Such information is distributed and is often duplicated, incomplete or even outdated, and cannot be easily shared by end users in a selective way. Today, the user needs to log-in and repeatedly set authorisation policies at each of their online systems and has little visibility into how data is shared and accessed.
User-Managed Access (UMA), a standardization effort from Kantara Initiative, is a new approach to manage access to online data. UMA provides a centralized policy administration point for the various resources the end-user may have at disparate locations on the Internet or within an organization. UMA allows the users to share these resources selectively under the user's own terms. With a single UMA authorization server, the user can set access & usage control/sharing policies once for all of their data.
This presentation will provide an overview of UMA and present some use cases that this technology applies to. In particular, it will focus on the use of UMA in the context of CIAM systems for managing customer related data taking into account the upcoming GDPR.
