/Docs/G/UMA-Use-Cases-CmA/0.md
  Source views: Source JSON(ish) on GitHub (VSCode)   Doc views: Document (&k=4.r00t): Visual Print Technical: OpenParameters Xray
Implications for Creating a UMA Legal Framework
  1. Mapping UMA Roles, Obligations and Liabilities to Information Privacy, Information Security, Federated IdM, and eID Frameworks
    1. Resource Subject
    2. Resource Owner/Access Rights Holder
    3. Resource Server
    4. Authorization Server
    5. Requesting Party
    6. Relying Parties (Out of UMA Network)
  2. Intermediary Service Provider Liability Issues
    1. Unauthorized Access, Use or Dissemination of Protected Data (by AS)
    2. Mistaken Identification of Requesting Parties (by AS)
    3. Failure to Enforce Access Policies with Third Party Providers (by AS)
    4. Failure to Enforce Access Policies with Requesting Parties (by AS)
    5. Unauthorized Dissemination of Identity Attributes (by Identity Brokers)
  3. Strategies for Limiting Liability
    1. Contractual
    2. Insurance
    3. Compliance with Jurisdiction-Specific Laws
    4. Compliance with Data/Industry-Specific Regulations