
Slide 1: Attribute Release and Scalable Consent

Slide 2: Why It's Important
• Part of the original vision for federated identity and necessary for it to succeed
• Federated identity is less about authentication and more about passing attributes
• Critical for privacy
• Internal use cases
• Source of current pain
  – For science, for collaborations
• Source of future pain
  – Selective release of values from a multi-valued attribute (e.g. groups)

Slide 3: Approaches to attribute release
• End-entity categories (e.g. Research and Scholarship)
• End-user consent
  – Client-side consent
  – Server-side Shib
  – General-purpose consent infrastructure
• Prayer

Slide 4: Consent management
• PrivacyLens – a next-gen consent UX
  – Rich set of capabilities, including fine-grained authorization, informed consent, multi-protocol support, etc.
  – Open source, developed at CMU, evolving
• A Consent Management Infrastructure
  – A set of implemented components and APIs to support consent capabilities: attention to metadata, informed consent, out-of-band notification management, enterprise management, friendly names and values, etc.
  – Aimed at a FEUMA landscape (federated enterprise UMA)
  – A set of real-world planning and deployment activities
    • Internal use cases
    • Barriers and opportunities
    • Planning guides and policy issues

Slide 5: PrivacyLens
• Enabling effective and informed end-user consent
• Embraces a set of capabilities
  – Hierarchical information, fine-grained control, bundling, revocation of consent, flexible notifications, etc.
• Embraces a style of presentation
  – Clear screens and slides
  – Optional display of values being sent
  – Affirmative user actions
• Embraces a variety of platforms and management approaches
  – Protocol-agnostic
  – Enterprise management consoles and management
  – Audit and security logs
• Built on an open consent management infrastructure

Slide 6: Releasing an opaque identifier only (screenshot)

Slide 7: Anonymous comments
With only the opaque identifier released, individuals may post comments while preserving their anonymity within the community.

Slide 8: Releasing an opaque identifier and some personal information (screenshot)

Slide 9: Releasing an opaque identifier and personal information (screenshot)

Slide 10: Components of a consent infrastructure (diagram; components as labelled)
• User GUI (e.g. PrivacyLens)
• Informed Consent Support
• Enterprise Management Console
• UMA Authorization Server
• Workflows
• Attribute Source
• Out-of-band notifications
• Attribute name/value mapping support
• UMA-OAuth
• UMA-SAML
• Log and Audit
• External metadata management
• UMA Resource Server
• Client → SP

Slide 11: Federations and consent support
• Some federations provide services to support end-user consent
  – Negotiate with SPs to set required (and minimal) and optional attribute needs
  – Create attribute release bundle filters and distribute them to IdPs
  – https://www.switch.ch/aai/support/tools/resource-registry/
  – http://jagger.heanet.ie/
  – https://manager.aaf.edu.au/federationregistry/
  – Hub-and-spoke federations do consent management at the hub, though that is pushed out to the end-user.
• The federation operator has other tools to facilitate consent
  – End-entity categories in metadata are used to certify SP attribute needs

Slide 12: Some other design principles
• Identity portability
  – Being able to move one's consent preferences from one IdP to another
  – Not necessarily portability of identifiers, attributes or authorizations
• Unobservability is not part of this model, but non-correlating opaque identifiers are
• Auditability for legal or regulatory requirements
• Adding privacy to accessibility
  – Capable of leveraging ISO/IEC JTC1 24751 implementations (see gpii.net)

Slide 13: Internal consent use cases
• The student app marketplace at Duke
  – Student marketplace of apps, drawing on both official info stores (e.g. address, email, class schedules, etc.) and outputs of other apps in the marketplace
  – A complex set of consent decisions needs a coherent approach
• The departmental app marketplace at U Washington
  – Student consent for release of enterprise data is needed because of the independence of the app
  – https://wiki.cac.washington.edu/display/infra/Guide+to+Attributes+Available+from+the+UW+IdP
  – https://wiki.cac.washington.edu/display/infra/Request+Attributes+from+the+UW+IdP

Slide 14: Requirements for Scalable Consent
• Fine-grained attribute release capabilities, with reasonable use of "bundles" and "meta-attributes" where appropriate
• Informed consent that addresses the following concerns:
  – Hierarchical, flexible, accessible, etc.
  – Clear, concise human-readable explanations of attributes to be sent
  – Additional detail provided when needed, including:
    • which attributes are required
    • values of attributes
    • how the SP will use each attribute
    • how long the SP will keep each attribute (attribute privacy policy)
• Revocation of an attribute release policy (out of band is fine)
• Ability to convey trust marks and other guides to the user
• Providing a variety of options for attribute release during future visits to the same site, including using the current settings, periodic resets or reconfirmations, out-of-band notifications, etc.
• Provide an audit interface and history to support both privacy and security
• The ability to combine a set of individual attributes into a common single meta-attribute (e.g. combining cn and sn into a single name field for consent)
• Ability to work across protocols
• Ability to work on-line and off-line
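The opaque-identifier screens (slides 6–9, and the non-correlating identifiers of slide 12), the attribute release bundle filters of slide 11, and the meta-attribute, required/optional and selective-value requirements of slide 14 can all be shown in one small release engine. The Python below is an added example written for this page; it is not PrivacyLens or any Internet2 or CMU code. The user record, the SP's declared attribute needs, the meta-attribute table and the HMAC secret are all constructed here for illustration, and the pairwise identifier is simply an HMAC over the user id and the SP entityID (the general idea behind targeted/pairwise SAML identifiers, not any particular product's scheme).

```python
"""Added example: consent-driven attribute release with non-correlating opaque IDs."""
import base64
import hashlib
import hmac
import json

# Constructed sample data: no real people, services or secrets.
IDP_PAIRWISE_SECRET = b"constructed-idp-secret"   # assumption: a per-IdP secret

USER = {
    "uid": "jdoe",
    "givenName": "Jane",
    "sn": "Doe",
    "mail": "jdoe@example.edu",
    "isMemberOf": ["cs:students", "library:staff", "health:counseling"],
}

# A meta-attribute lets one consent decision cover several underlying attributes
# (slide 14's "combine cn and sn into a single name field for consent").
META_ATTRIBUTES = {"name": ["givenName", "sn"]}

# What the SP asked for; a federation registry (slide 11) would publish this as
# required vs. optional needs. Constructed entityID.
SP = {
    "entityID": "https://forum.example.org/sp",
    "required": [],                              # the anonymous-comments case: nothing beyond the opaque id
    "optional": ["name", "mail", "isMemberOf"],
}


def pairwise_id(uid, sp_entity_id, secret=IDP_PAIRWISE_SECRET):
    """Opaque identifier: stable for one (user, SP) pair, different for every SP,
    so two SPs cannot correlate the same person by comparing identifiers."""
    msg = f"{uid}\0{sp_entity_id}".encode()
    mac = hmac.new(secret, msg, hashlib.sha256).digest()
    return base64.urlsafe_b64encode(mac).decode().rstrip("=")


def expand(attr):
    """Map a meta-attribute to the real attributes it bundles; plain attributes map to themselves."""
    return META_ATTRIBUTES.get(attr, [attr])


def consented(decision):
    """A decision is True (release all values) or a non-empty list of allowed values."""
    return decision is True or (isinstance(decision, list) and len(decision) > 0)


def check_required(sp, consent):
    """Required attributes the user has not consented to; non-empty means release must fail."""
    return [a for a in sp["required"] if not consented(consent.get(a, False))]


class ConsentError(Exception):
    """Raised when a required attribute has not been consented to."""


def release(user, sp, consent):
    """Build the attribute set to send to `sp` under the user's consent decisions.

    `consent` maps each requested attribute or meta-attribute to True, or for a
    multi-valued attribute to the list of values the user allows (selective release
    of e.g. group memberships, slide 2). Anything else means "do not release".
    Returns (attributes, audit_record); the audit record names attributes only.
    """
    missing = check_required(sp, consent)
    if missing:
        raise ConsentError(f"required attributes not consented: {missing}")
    out = {"pairwiseId": pairwise_id(user["uid"], sp["entityID"])}   # always sent (slide 6)
    requested = sp["required"] + sp["optional"]
    for attr in requested:
        decision = consent.get(attr, False)
        if not consented(decision):
            continue
        for real in expand(attr):
            value = user.get(real)
            if value is None:
                continue
            if isinstance(value, list) and isinstance(decision, list):
                value = [v for v in value if v in decision]   # keep only chosen values
            out[real] = value
    audit = {
        "sp": sp["entityID"],
        "released": sorted(out),
        "withheld": [a for a in requested if not consented(consent.get(a, False))],
    }
    return out, audit


if __name__ == "__main__":
    # User releases their name and one group, withholds mail and the other groups.
    attrs, audit = release(USER, SP, {"name": True, "isMemberOf": ["cs:students"]})
    print(json.dumps(attrs, indent=2))
    print(json.dumps(audit, indent=2))
```

Running the block as a script prints the released attribute set (opaque id, givenName, sn and only the chosen group) and an audit record listing `mail` as withheld; the same user presented to a second SP gets a different `pairwiseId`, which is the non-correlation property slide 12 asks for.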

Slide 15: Lessons Learned – Consent Management
• Consent management at scale seems viable, but needs infrastructure
• Applications don't know how to do data minimization
  – Very few are privacy-preserving; most lead with a request for identity when, at that point, only statefulness is needed
  – "You are what you release" functionality not leveraged
• Need to guard against habituation and oppressiveness; need to permit rubber squeeze toys
• There are multiple approaches to informing consent

Slide 16: For more information
• https://wiki.larpp.internet2.edu/confluence/display/LARPP/LARPP+Home
  – Active public discussion of both infrastructure issues and deployment considerations
• https://work.iamtestbed.internet2.edu/drupal/
  – PrivacyLens and Consent Management infrastructure
• https://work.iamtestbed.internet2.edu/confluence/display/YCW/Yourtown+Community+Wiki+and+Service+Portal
  – Privacy-responsive and attribute-aware applications

