/Docs/G/UMA-Use-Cases-CmA/0.md
| Ti | = | USER-MANAGED ACCESS: USE CASES FOR ANALYZING AND DETERMINING A LEGAL FRAMEWORK |
| 0.1.sec | = | By Timothy Reiniger |
| 0.2.sec | = | (2/28/17) |
| 0. | = | [G/Z/paras/s2] |
| 1.Ti | = | Lex Informatica Considerations |
| 1.1.Ti | = | A. UMA Value Proposition for Programmable Devices, Network Systems, and Applications |
| 1.1.1.sec | = | Consumer Access Control (Autonomy) |
| 1.1.2.sec | = | Trusted Relationships (Reciprocity) |
| 1.1.3.sec | = | Default Rules/Policies (Objectivity) |
| 1.1. | = | [G/Z/ol/s3] |
| 1.2.Ti | = | UMA Consent Advantages |
| 1.2.1.sec | = | Diachronic Consent/Access Control |
| 1.2.2.sec | = | Asynchronous Consent/Access Control |
| 1.2.3.sec | = | Delegated/Distributed Authorization Chain |
| 1.2. | = | [G/Z/ol/s3] |
| 1.3.Ti | = | UMA Legal Advantages |
| 1.3.1.sec | = | Jurisdictional: Networks and Cross-Border Interoperability |
| 1.3.2.sec | = | Customization of Consumer Control over Access Rights/Permissions |
| 1.3.3.sec | = | Self-Enforcement: Monitoring and Ex Ante |
| 1.3. | = | [G/Z/ol/s3] |
| 1.4.Ti | = | UMA Legal Challenges |
| 1.4.1.sec | = | Data Ownership – How Does the Consumer Gain Access Control? |
| 1.4.2.sec | = | Device Function Control – Who Controls? |
| 1.4.3.sec | = | Identity and Authorization of RqPs |
| 1.4.4.sec | = | Downstream Control and Monitoring of Personal Information Access, Distribution, and Use Rights |
| 1.4.5.sec | = | How enforce access controls and authorizations/permissions? |
| 1.4. | = | [G/Z/ol/s5] |
| 1. | = | [G/Z/ol/4] |
| 2.Ti | = | Salient Factors for Use Cases |
| 2.1.Ti | = | Networked-Access Environments |
| 2.1.1.sec | = | Consumer-Facing Smart, Connected Products |
| 2.1.2.sec | = | Consumer-Facing Mobile Phone Applications |
| 2.1.3.sec | = | Consumer-Facing Online/Cloud Applications |
| 2.1.4.sec | = | Employee-Facing in Enterprise |
| 2.1.5.sec | = | Citizen-Facing Government Services |
| 2.1.6.sec | = | Regulated Access Rights/Duties by Sector (Telecoms, healthcare, financial services, and education) |
| 2.1.7.sec | = | Regulated Access Rights/Duties by Jurisdiction (ex. EU) |
| 2.1. | = | [G/Z/ol/s7] |
| 2.2.Ti | = | Resource Subject/Owner Variations |
| 2.2.1.sec | = | Natural Person |
| 2.2.2.sec | = | Legal Person (Corporation or Government) |
| 2.2.3.sec | = | Legal Representatives of Natural or Legal Persons |
| 2.2. | = | [G/Z/ol/s3] |
| 2.3.Ti | = | Resource Server Variations |
| 2.3.1.sec | = | Things/Devices/Smart Meters |
| 2.3.2.sec | = | Mobile Phones |
| 2.3.3.sec | = | Product Cloud Applications |
| 2.3.4.sec | = | Enterprise or Business Systems |
| 2.3.5.sec | = | Government Systems |
| 2.3. | = | [G/Z/ol/s5] |
| 2.4.Ti | = | Requesting Party Variations |
| 2.4.1.sec | = | Natural Person |
| 2.4.2.sec | = | Legal Person (Corporation or Government) |
| 2.4.3.sec | = | Legal Representatives |
| 2.4. | = | [G/Z/ol/s3] |
| 2.5.Ti | = | Authorization Permissions/Purposes |
| 2.5.1.sec | = | Access |
| 2.5.2.sec | = | Use of Identity Attributes for Authentication |
| 2.5.3.sec | = | Use for Healthcare Monitoring /Treatment |
| 2.5.4.sec | = | Use for Device Performance Assessment |
| 2.5.5.sec | = | Device and Data Usage Patterns – Third Party Marketing |
| 2.5.6.sec | = | Downstream Users and Uses |
| 2.5. | = | [G/Z/ol/s6] |
| 2. | = | [G/Z/ol/5] |
| 3.Ti | = | UMA Use Cases by Networked-Access Environment |
| 3.1.Ti | = | Consumer-Facing Smart, Connected Products |
| 3.1.0.sec | = | Alice has an implanted Medronic blood glucose meter installed and also uses a fitness wearable (Ralph Lauren Polo Tech Shirt) to manage her health. She lives in California but frequently travels on business to the United Kingdom, so she uses several doctors’ medical portals as resource servers. Alice uses a generic data sharing manager (AS) offered by her former university to manage health data flow. She and her doctors are RqPs who between them use a variety of clients. Some of her devices both generate (RS) and consume (as the Client) data. When traveling, Alice also gives her cardiologist’s office temporary access to her personal calendar to make it easier to schedule a series of checkup appointments upon her return. Salient Factors |
| 3.1.1.sec | = | • A.1. |
| 3.1.2.sec | = | • A.3. |
| 3.1.3.sec | = | • A.6. |
| 3.1.4.sec | = | • A.7. |
| 3.1.5.sec | = | • B.1. |
| 3.1.6.sec | = | • C.1. |
| 3.1.7.sec | = | • C.3. |
| 3.1.8.sec | = | • D.1. |
| 3.1.9.sec | = | • D.3. |
| 3.1.10.sec | = | • E.3. |
| 3.1.11.sec | = | • E.6. |
| 3.1. | = | [G/Z/ol/s11] |
| 3.2.Ti | = | Consumer-Facing Smart Meters |
| 3.2.0.sec | = | Alice (RO) has digitized her entire home temperature-control process by installing a Nest digital thermostat and smoke detector (RS). At the time of purpose, she accepted an invitation from Nest to share data for marketing purposes. In addition, Alice has permitted her local utility company (RO and RS) to install a smart meter for water usage in her home. She also has set up her home computer, printer, and mobile phone as part of a Home Area Network. She lives in a California community that has drought mandated restrictions on lawn watering. She has recently received a fine in the mail for exceeding her water usage limit. In the last month, she has also been barraged with telephone and mail solicitations for Whirlpool laundry systems (RqP) as well as Jawbone wearable technology (RqP), the products of each of which can easily integrate with the Nest platform. Salient Factors |
| 3.2.1.sec | = | • A.1. |
| 3.2.2.sec | = | • A.3. |
| 3.2.3.sec | = | • A.5. |
| 3.2.4.sec | = | • B.1. |
| 3.2.5.sec | = | • C.1. |
| 3.2.6.sec | = | • C.5. |
| 3.2.7.sec | = | • D.2 |
| 3.2.8.sec | = | • E.1. |
| 3.2.9.sec | = | • E.4. |
| 3.2.10.sec | = | • E.5. |
| 3.2.11.sec | = | • E.6. |
| 3.2. | = | [G/Z/ol/s11] |
| 3.3.Ti | = | Consumer-Facing Mobile Phone Applications |
| 3.3.0.sec | = | Verizon (RO and RS) would like to leverage the identity attribute data collected inperson at its large network of stores to become an identity provider. However, Verizon is required by federal law to obtain the account-holder’s consent before giving access or sharing the identity attributes for the purpose of identity transactions. To obtain the consumer consents for this purpose, Verizon uses a third-party intermediary, Erikson (AS), which is contractually bound to the GSMA Mobile Connect Standard. At the same time, Erikson serves as a broker of online identity attributes for CITI (RqP) in completing commercial transactions. Though living in the United State, Alice (RO) routinely conducts online commercial transactions with entities in China and the United Kingdom. When an RqP needs to authenticate Alice in an online transaction, the RqP requests the AS to confirm or verify selected identity attribute information that has been collected by Verizon, her mobile phone account provider. The AS has contractual arrangements with Alice, the RS, and the RqP that enable the AS to broker the consents and confirm Alice’s digital identity attributes for authentication purposes. The AS then reports the fact of a confirmation to the RqP. In compliance with federal law, the AS also informs Alice about each authentication request and retains a log of all such requests. Salient Factors |
| 3.3.1.sec | = | • A.2. |
| 3.3.2.sec | = | • A.3. |
| 3.3.3.sec | = | • A.6. |
| 3.3.4.sec | = | • B.1. |
| 3.3.5.sec | = | • C.2. |
| 3.3.6.sec | = | • C.3. |
| 3.3.7.sec | = | • C.4. |
| 3.3.8.sec | = | • D.2. |
| 3.3.9.sec | = | • D.3. |
| 3.3.10.sec | = | • E.2 |
| 3.3. | = | [G/Z/ol/s10] |
| 3.4.Ti | = | Consumer-Facing Online/Cloud Applications |
| 3.4.0.sec | = | Alice wants to share, for a limited length of time, access to the data about how much income she made last year with her chartered accountant Bob. Alice is the RO and Bob is the RqP. Her paycheck application is an RS that exposes an API and scopes for accessing her income data. A central data-sharing hub application (AS) helps her manage her data exposure to Bob and others. Bob uses a tax return preparation Client APP. Salient Factors |
| 3.4.1.sec | = | • A.3. |
| 3.4.2.sec | = | • A.6. |
| 3.4.3.sec | = | • B.1. |
| 3.4.4.sec | = | • B.3. |
| 3.4.5.sec | = | • C.3. |
| 3.4.6.sec | = | • C.4. |
| 3.4.7.sec | = | • C.5. |
| 3.4.8.sec | = | • D.1. |
| 3.4.9.sec | = | • D.3. |
| 3.4.10.sec | = | • E.1. |
| 3.4.11.sec | = | • E.6. |
| 3.4. | = | [G/Z/ol/s11] |
| 3.5.Ti | = | Employee-Facing in Enterprise |
| 3.5.0.sec | = | Alice is employed as an attorney within the Santa Clara County Counsel’s office where she handles employee/labor-related matters. As an employee herself, Santa Clara County (RO and RS) has given Alice (RO) the ability to manage the access to and sharing permissions of all of her employment data by means of a UMA data sharing platform contractually provided by ForgeRock (AS) as part of the County’s overall application access management. She is able to authorize sharing of her employment with Wells Fargo (RqP) when applying for a home mortgage loan. On an unrelated note, Alice has a minor nephew (Resource Subject) who is in the child dependency system and for whom she has been appointed a guardian. She is able to access confidential records relating to her nephew and authorize sharing of his medical records using the AS platform. All of the access and sharing policies offered by the AS strictly follow the evolving information privacy and security requirements of California state law and Santa Clara regulations. Salient Factors |
| 3.5.1.sec | = | • A.4. |
| 3.5.2.sec | = | • B.1 |
| 3.5.3.sec | = | • B.2. |
| 3.5.4.sec | = | • B.3. |
| 3.5.5.sec | = | • C.5. |
| 3.5.6.sec | = | • D.2. |
| 3.5.7.sec | = | • D.3. |
| 3.5.8.sec | = | • E.1. |
| 3.5.9.sec | = | • E.3. |
| 3.5.10.sec | = | • E.6. |
| 3.5. | = | [G/Z/ol/s10] |
| 3.6.Ti | = | Citizen-Facing Government Services |
| 3.6.0.sec | = | Alice would like for the Virginia DMV (RO and RS) to share her identity attributes with an identity brokering service offered by Signicat (AS) for purposes of completing banking transactions as well as participating in the Health Information Exchange (HIE). When a hospital system or other RqP needs Alice to share identity attributes to prove who she is, the RqP requests the AS to confirm or verify selected identity attribute information that has been collected by the Virginia DMV. The AS has a contractual arrangement with the DMV that enables the AS to present Alice’s digital identity attributes to the DMV for yes/no confirmation. The AS then reports the fact of a confirmation to the RqP. In compliance with Virginia law, the AS also informs Alice about the authentication request and retains a record of all such requests. Salient Factors |
| 3.6.1.sec | = | • A.3. |
| 3.6.2.sec | = | • A.5. |
| 3.6.3.sec | = | • A.6. |
| 3.6.4.sec | = | • B.1. |
| 3.6.5.sec | = | • B.3. |
| 3.6.6.sec | = | • C.3. |
| 3.6.7.sec | = | • C.5. |
| 3.6.8.sec | = | • D.2. |
| 3.6.9.sec | = | • D.3. |
| 3.6.10.sec | = | • E.2. |
| 3.6. | = | [G/Z/ol/s10] |
| 3. | = | [G/Z/ol/6] |
| 4.Ti | = | Implications for Creating a UMA Legal Framework |
| 4.1.Ti | = | Mapping UMA Roles, Obligations and Liabilities to Information Privacy, Information Security, Federated IdM, and eID Frameworks |
| 4.1.1.sec | = | Resource Subject |
| 4.1.2.sec | = | Resource Owner/Access Rights Holder |
| 4.1.3.sec | = | Resource Server |
| 4.1.4.sec | = | Authorization Server |
| 4.1.5.sec | = | Requesting Party |
| 4.1.6.sec | = | Relying Parties (Out of UMA Network) |
| 4.1. | = | [G/Z/ol/s6] |
| 4.2.Ti | = | Intermediary Service Provider Liability Issues |
| 4.2.1.sec | = | Unauthorized Access, Use or Dissemination of Protected Data (by AS) |
| 4.2.2.sec | = | Mistaken Identification of Requesting Parties (by AS) |
| 4.2.3.sec | = | Failure to Enforce Access Policies with Third Party Providers (by AS) |
| 4.2.4.sec | = | Failure to Enforce Access Policies with Requesting Parties (by AS) |
| 4.2.5.sec | = | Unauthorized Dissemination of Identity Attributes (by Identity Brokers) |
| 4.2. | = | [G/Z/ol/s5] |
| 4.3.Ti | = | Strategies for Limiting Liability |
| 4.3.1.sec | = | Contractual |
| 4.3.2.sec | = | Insurance |
| 4.3.3.sec | = | Compliance with Jurisdiction-Specific Laws |
| 4.3.4.sec | = | Compliance with Data/Industry-Specific Regulations |
| 4.3. | = | [G/Z/ol/s4] |
| 4. | = | [G/Z/ol/3] |
| = | [G/Z/ol-II/4] |