Comparing OAuth and UMA


The last few weeks have been fertile for the Kantara User-Managed Access work. First we ran a half-day UMA workshop (slides, liveblog) at EIC that included a presentation by Maciej Machulak of Newcastle University on his SMART project implementation; the workshop inspired Christian Scholz to develop a whole new UMA prototype the very same day. (And they have been busy bees since; you can find more info here.)

Then, this past week at IIW […]

Data portability and wagon-circling

One of the breakout tracks at EIC last week was Cloud Platforms and Data Portability. Dave Kearns had asked me to speak for a few minutes on the subject of social data portability before joining Drummond and Christian for a panel discussion.

I brainstormed a bit and suggested that I could comment on the notion of data statelessness, and the continuum of individuals’ data portability on the web. That somehow turned into a boldface uppercase talk called […]

Munich fuel

To get through the intense European Identity Conference last week in Munich (thanks, Kuppinger Cole folks!), I had to make sure to drink lots of fluids. I’m referring, of course, to coffee, beer, and one extraordinary whisky (thanks, Ping Identity folks!).

Bavarian coffee cup – gift from a local friend

The 2010 edition of the conference was lively and valuable. Here are just a couple of stories about encounters I had there, with more thoughts and info […]

Paleo-empiricism, or: carbgrrl alunda ool

A chance encounter in a blog comment thread a few months back led to my discovering an incredibly rich vein of metabolism/nutrition research, commentary, and community known as “Paleo”. Since then, I’ve spent a lot more time reading, and pondering, and trying-out, than writing (sorry it’s been so quiet around here).

What is paleo (or the paleo diet, or the primal diet, or the evolutionary metabolic milieu, or…)? Below I’ll provide links to what have become favorite sources, but […]

Quick thoughts on XAuth

It’s the “common domain cookie” trick from Liberty ID-FF and SAML2, except without the notion of a circle of trust. (Thanks to Praveen for forging the CDC connection in my brain.)

Heh.

It’s yet another thing you have to opt out of instead of into. (To disable it, visit XAuth.org from each browser you use.)

Pamela is wise.

I was already getting tired of the “social web” about the end of 2009. Does that make me anti-social?

Ugh […]

You are cordially required

…to check out the new Gluecon conference to be held in Colorado in late May. Early-bird registration closes this Friday — use code spkr12 for an extra 10% off.

It’s all about “the new technologies that are forming around web applications in a post-cloud world”. Since I’m on record as predicting we’re going to see more consumerization of IT rather than more ITization of consumers (cracking myself up here), this theme definitely appeals. I will be there to discuss […]

You are cordially invited

…to submit papers to the Context Awareness and Trust 2010 and ACM Digital Identity Management workshops. (I serve on the program committees of both.)

Time is short for EuroCAT! The paper submission deadline is March 30, and the workshop itself will be held in late August in Nice, France. Mmm…nice.

You have more time for ACM DIM; the paper deadline is June 28, with the workshop taking place in early October, colocated with CCS in Chicago.

Put […]

The Pushmi-pullyu problem of assurance

In the absence of any other controls, relying parties for identity info would like to be handed as much user data as they can get. It can’t hurt to have a little extra, right? But as we pointed out in the UMA webinar a few weeks ago, when web apps think they’ve gotten something valuable out of us, sometimes they’re just mistaken. When a site wants too much info and makes us give it to them in a self-asserted […]

UMA learns how to simplify, simplify

It seems like a good time to review where we’ve been and where we’re going in the process of building User-Managed Access (UMA).

The introduction to our draft protocol spec reads:

The User-Managed Access (UMA) 1.0 core protocol provides a method for users to control access to their protected resources, residing on any number of host sites, through an authorization manager that makes access decisions based on user policy.

For example, a web user (authorizing user) can authorize

 […]
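The arrangement the spec sentence above describes, as an added illustration that is not code from the UMA spec or from any UMA implementation: two hosts hold a user's resources, a single authorization manager evaluates the user's policy, and each host only enforces the manager's answer. The class names, claim names, token format and sample policy here are assumptions made for the illustration, and all data is constructed.

```python
"""Toy model of the UMA arrangement quoted above: resources sit on several
hosts, but one authorization manager (AM) decides access from user policy.

Added illustration, not code from the UMA spec or any UMA implementation;
the message shapes, class names and claim names here are assumptions, and
all sample data is constructed.
"""
import secrets
from dataclasses import dataclass


@dataclass(frozen=True)
class Policy:
    """User-authored rule for one resource: claims a requester must present
    and the scopes the user is willing to grant."""
    required_claims: dict
    allowed_scopes: frozenset


class AuthorizationManager:
    """Holds the authorizing user's policies and makes every access decision.
    Hosts never evaluate policy themselves."""

    def __init__(self):
        self.policies = {}   # (host_name, resource_id) -> Policy
        self.tokens = {}     # token -> (host_name, resource_id, scopes)

    def register_resource(self, host_name, resource_id, policy):
        self.policies[(host_name, resource_id)] = policy

    def request_access(self, host_name, resource_id, claims, scopes):
        """Requester asks for access; returns a token or None.
        Deny unless every required claim matches and the requested scopes
        fall within what the user allows."""
        policy = self.policies.get((host_name, resource_id))
        if policy is None:
            return None
        for name, value in policy.required_claims.items():
            if claims.get(name) != value:
                return None
        scopes = frozenset(scopes)
        if not scopes <= policy.allowed_scopes:
            return None
        token = secrets.token_urlsafe(16)
        self.tokens[token] = (host_name, resource_id, scopes)
        return token

    def introspect(self, token):
        """Host asks what a token covers; None for unknown tokens."""
        return self.tokens.get(token)


class Host:
    """A site storing the user's resources; it enforces the AM's decision."""

    def __init__(self, name, am):
        self.name = name
        self.am = am
        self.store = {}

    def put(self, resource_id, content, policy):
        self.store[resource_id] = content
        # Register with the AM so the user's policy governs this resource
        self.am.register_resource(self.name, resource_id, policy)

    def get(self, resource_id, token, scope):
        """Serve the resource only if the AM-issued token is bound to this
        host, this resource and this scope."""
        info = self.am.introspect(token)
        if info is None:
            return None
        host_name, bound_resource, scopes = info
        if host_name != self.name or bound_resource != resource_id:
            return None
        if scope not in scopes:
            return None
        return self.store[resource_id]


def demo():
    """Two hosts, one AM, one user policy; returns the outcome of each request."""
    am = AuthorizationManager()
    calendar = Host("calendar.example", am)
    photos = Host("photos.example", am)
    # Constructed policy: only a requester claiming to be alice's dentist may read her calendar
    policy = Policy({"role": "dentist", "patient": "alice"}, frozenset({"read"}))
    calendar.put("alice-cal", "Tue 10:00 cleaning", policy)
    photos.put("alice-pics", "beach.jpg", Policy({"friend_of": "alice"}, frozenset({"read"})))

    good = {"role": "dentist", "patient": "alice"}
    tok = am.request_access("calendar.example", "alice-cal", good, {"read"})
    bad_tok = am.request_access("calendar.example", "alice-cal", {"role": "dentist"}, {"read"})
    over_tok = am.request_access("calendar.example", "alice-cal", good, {"read", "write"})
    return {
        "granted": calendar.get("alice-cal", tok, "read"),
        "missing_claim": bad_tok,
        "excess_scope": over_tok,
        "wrong_host": photos.get("alice-pics", tok, "read"),   # token is bound to the calendar host
        "wrong_scope": calendar.get("alice-cal", tok, "write"),
    }


if __name__ == "__main__":
    print(demo())
```

The point to take from the model is the division of labour: the host never sees the policy, it only asks the AM what a token covers, so a token minted for one host, resource and scope buys nothing on another host or for a different scope.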

The Economist and “ecto gammat”

Remember in The Fifth Element when Leeloo threatens to shoot Korben Dallas for stealing a kiss, saying “ecto gammat”? Turns out it means “never without my permission”. A good rallying cry for personal data sharing in today’s world!

The Economist has a thoughtful article called The Data Deluge on the benefits, and the privacy risks, of making better use of the torrent of data (it mostly focuses on, but doesn’t ever say, “personal” data) being generated in all […]