2015 identity summit - stepping up to new data protection challenges
TRANSCRIPT
![Page 1: 2015 Identity Summit - Stepping Up to New Data Protection Challenges](https://reader035.vdocuments.mx/reader035/viewer/2022070521/58efcf1d1a28ab8e668b457b/html5/thumbnails/1.jpg)
STEPPING UP TO NEWDATA PROTECTION CHALLENGES
USER-MANAGED ACCESS FOR GENUINE CONSENT
Markus Weber
![Page 2: 2015 Identity Summit - Stepping Up to New Data Protection Challenges](https://reader035.vdocuments.mx/reader035/viewer/2022070521/58efcf1d1a28ab8e668b457b/html5/thumbnails/2.jpg)
![Page 3: 2015 Identity Summit - Stepping Up to New Data Protection Challenges](https://reader035.vdocuments.mx/reader035/viewer/2022070521/58efcf1d1a28ab8e668b457b/html5/thumbnails/3.jpg)
67% of individuals are willing to share data
with companies.
It drops to 27% if the business is sharing
data with a third party.
- Accenture
![Page 4: 2015 Identity Summit - Stepping Up to New Data Protection Challenges](https://reader035.vdocuments.mx/reader035/viewer/2022070521/58efcf1d1a28ab8e668b457b/html5/thumbnails/4.jpg)
The Impending Problem
Management
Management
Management
Data
Authorization
Data
Authorization
Data
Authorization
Copyright © Identity Summit 2015, all rights reserved.
![Page 5: 2015 Identity Summit - Stepping Up to New Data Protection Challenges](https://reader035.vdocuments.mx/reader035/viewer/2022070521/58efcf1d1a28ab8e668b457b/html5/thumbnails/5.jpg)
The Impending Problem
Management
Data
Authorization
Data
Authorization
Data
Authorization
Copyright © Identity Summit 2015, all rights reserved.
![Page 6: 2015 Identity Summit - Stepping Up to New Data Protection Challenges](https://reader035.vdocuments.mx/reader035/viewer/2022070521/58efcf1d1a28ab8e668b457b/html5/thumbnails/6.jpg)
UMA: User-Managed Access
Copyright © Identity Summit 2015, all rights reserved.
Is a standard built on OAuth2 Delivers externalized authorization Provides digital consent control to end users Allows to share data and revoke access to data
![Page 7: 2015 Identity Summit - Stepping Up to New Data Protection Challenges](https://reader035.vdocuments.mx/reader035/viewer/2022070521/58efcf1d1a28ab8e668b457b/html5/thumbnails/7.jpg)
Why the need for UMA?OAuth2 focuses on authorizing the sharing of my data with me!
OAuth2OAuth2
OAu
th2 O
Auth2
OAuth2OAuth2
Copyright © Identity Summit 2015, all rights reserved.
![Page 8: 2015 Identity Summit - Stepping Up to New Data Protection Challenges](https://reader035.vdocuments.mx/reader035/viewer/2022070521/58efcf1d1a28ab8e668b457b/html5/thumbnails/8.jpg)
Why the need for UMA?UMA allows me to authorize the sharing of my data with me and others
UMA
UMA
UMA UMA
UMA
UMAUMA
UMA
UMA UMA
UMA
UMAUMA
Copyright © Identity Summit 2015, all rights reserved.
![Page 9: 2015 Identity Summit - Stepping Up to New Data Protection Challenges](https://reader035.vdocuments.mx/reader035/viewer/2022070521/58efcf1d1a28ab8e668b457b/html5/thumbnails/9.jpg)
Why the need for UMA?UMA extends authorization of share or don’t share
and includes fine-grained controls
OAuth2 UMA – Fine-Grained Controls
Copyright © Identity Summit 2015, all rights reserved.
![Page 10: 2015 Identity Summit - Stepping Up to New Data Protection Challenges](https://reader035.vdocuments.mx/reader035/viewer/2022070521/58efcf1d1a28ab8e668b457b/html5/thumbnails/10.jpg)
Why the need for UMA?UMA extends authorization to include scopes – View, Download, Transmit
Copyright © Identity Summit 2015, all rights reserved.
![Page 11: 2015 Identity Summit - Stepping Up to New Data Protection Challenges](https://reader035.vdocuments.mx/reader035/viewer/2022070521/58efcf1d1a28ab8e668b457b/html5/thumbnails/11.jpg)
Why the need for UMA?Externalizes authorization to a centralized hub!
One place to rule them all!
Copyright © Identity Summit 2015, all rights reserved.
![Page 12: 2015 Identity Summit - Stepping Up to New Data Protection Challenges](https://reader035.vdocuments.mx/reader035/viewer/2022070521/58efcf1d1a28ab8e668b457b/html5/thumbnails/12.jpg)
The mechanism:
federated authorization
on top of OAuth
Copyright © Identity Summit 2015, all rights reserved.
![Page 13: 2015 Identity Summit - Stepping Up to New Data Protection Challenges](https://reader035.vdocuments.mx/reader035/viewer/2022070521/58efcf1d1a28ab8e668b457b/html5/thumbnails/13.jpg)
This isn’t just slideware!We built this technology into our
products – and will demo it
Copyright © Identity Summit 2015, all rights reserved.
![Page 14: 2015 Identity Summit - Stepping Up to New Data Protection Challenges](https://reader035.vdocuments.mx/reader035/viewer/2022070521/58efcf1d1a28ab8e668b457b/html5/thumbnails/14.jpg)
ForgeRock is delivering two key UMA components not long from now
(client)
OpenAM 13-basedUMA Provider
OpenIG 4-basedUMA Protector
Copyright © Identity Summit 2015, all rights reserved.
resource server authorization server
![Page 15: 2015 Identity Summit - Stepping Up to New Data Protection Challenges](https://reader035.vdocuments.mx/reader035/viewer/2022070521/58efcf1d1a28ab8e668b457b/html5/thumbnails/15.jpg)
Demo
Copyright © Identity Summit 2015, all rights reserved.
![Page 16: 2015 Identity Summit - Stepping Up to New Data Protection Challenges](https://reader035.vdocuments.mx/reader035/viewer/2022070521/58efcf1d1a28ab8e668b457b/html5/thumbnails/16.jpg)
Copyright © Identity Summit 2015, all rights reserved.
iSee TV
Angela
Eric
Child Regular☐ Adult
![Page 17: 2015 Identity Summit - Stepping Up to New Data Protection Challenges](https://reader035.vdocuments.mx/reader035/viewer/2022070521/58efcf1d1a28ab8e668b457b/html5/thumbnails/17.jpg)
Copyright © Identity Summit 2015, all rights reserved.
iSee TV
Angela
Zachary
Child☐ Regular☐ Adult
![Page 18: 2015 Identity Summit - Stepping Up to New Data Protection Challenges](https://reader035.vdocuments.mx/reader035/viewer/2022070521/58efcf1d1a28ab8e668b457b/html5/thumbnails/18.jpg)
Copyright © Identity Summit 2015, all rights reserved.
iSpyCamera
Angela
Brittany
View Move☐ On/Off
![Page 19: 2015 Identity Summit - Stepping Up to New Data Protection Challenges](https://reader035.vdocuments.mx/reader035/viewer/2022070521/58efcf1d1a28ab8e668b457b/html5/thumbnails/19.jpg)
Why is it valuable to use a standard fornext-generation digital consent?
Copyright © Identity Summit 2015, all rights reserved.
![Page 20: 2015 Identity Summit - Stepping Up to New Data Protection Challenges](https://reader035.vdocuments.mx/reader035/viewer/2022070521/58efcf1d1a28ab8e668b457b/html5/thumbnails/20.jpg)
ForgeRock helps you deliver customer consent and delegation
capabilities for successfuldigital transformation in aprivacy-sensitive world
Copyright © Identity Summit 2015, all rights reserved.
![Page 21: 2015 Identity Summit - Stepping Up to New Data Protection Challenges](https://reader035.vdocuments.mx/reader035/viewer/2022070521/58efcf1d1a28ab8e668b457b/html5/thumbnails/21.jpg)
THANKS!
Markus Weber (@MWAtForgeRock)