From Resource Control to Digital Trust with User-Managed Access

Wouter Termont; Ruben Dedecker; Wout Slabbinck; Beatriz Esteves; Ben; De Meester; Ruben Verborgh

arXiv:2411.05622·cs.CR·January 8, 2025

From Resource Control to Digital Trust with User-Managed Access

Wouter Termont, Ruben Dedecker, Wout Slabbinck, Beatriz Esteves, Ben, De Meester, Ruben Verborgh

PDF

Open Access

TL;DR

This paper discusses how the UMA extension to OAuth 2.0 can enhance digital trust and control over personal data in ecosystems like Solid, highlighting its potential and areas needing further specification.

Contribution

It evaluates UMA's capabilities for usage control and contextualization, proposing minor modifications to improve delegation and policy retraction features.

Findings

01

UMA can significantly increase digital trust with minimal changes

02

UMA supports usage control and transaction contextualization effectively

03

Further specifications are needed for delegation and retraction of policies

Abstract

The User-Managed Access (UMA) extension to OAuth 2.0 is a promising candidate for increasing Digital Trust in personal data ecosystems like Solid. With minor modifications, it can achieve many requirements regarding usage control and transaction contextualization, even though additional specification is needed to address delegation of control and retraction of usage policies.

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.

Taxonomy

TopicsCryptography and Data Security · Blockchain Technology Applications and Security · Cloud Data Security Solutions