论文信息 - Extending the Power of Consent with User-Managed Access: A Standard Architecture for Asynchronous, Centralizable, Internet-Scalable Consent

Extending the Power of Consent with User-Managed Access: A Standard Architecture for Asynchronous, Centralizable, Internet-Scalable Consent

The inherent weaknesses of existing notice-and-consent paradigms of data privacy are becoming clear, not just to privacy practitioners but to ordinary online users as well. The corporate privacy function is a maturing discipline, but greater maturity often equates just to greater regulatory compliance. At a time when many users are disturbed by the status quo, new trends in web security and data sharing are demonstrating useful new consent paradigms. Benefiting from these trends, the emerging standard User-Managed Access (UMA) allows apps to extend the power of consent. UMA corrects a power imbalance that favors companies over individuals, enabling privacy solutions that move beyond compliance.

Eve Maler | Eve Maler

[1] Dick Hardt,et al. The OAuth 2.0 Authorization Framework , 2012, RFC.

[2] Thomas Hardjono,et al. Binding Obligations on User-Managed Access (UMA) Participants , 2015 .

[3] Eve Maler,et al. User-managed access to web resources , 2010, DIM '10.

[4] Woodrow Hartzog,et al. Chain-Link Confidentiality , 2012 .

[5] Colin Potts,et al. Design of Everyday Things , 1988 .

[6] Maciej P. Machulak,et al. User-Managed Access (UMA) Profile of OAuth 2.0 , 2016 .