Security Market Segment LS
Wednesday, 14 December 2016 15:53

UMA proving successful in New Zealand PoC

By

Identity and access management vendor ForgeRock is assisting with pilot applications using the UMA standard.

iTWire has previously reported on the UMA (User Managed Access) standard and the way it has been implemented in the ForgeRock Identity Platform, as well as presenting a recent video interview with company executives.

One of the key ideas behind UMA is that people should be able to grant access rights to others in a very granular way.

On her latest visit to the region, ForgeRock vice-president of innovation and emerging technology (and founder and chair of the UMA Work Group) Eve Maler told iTWire that the first phase of a UMA proof-of-concept in New Zealand has been successful.

It provides functionality that would, among other things, allow someone submitting an online visa application to selectively allow a specific person to assist in the process, or to allow a person who is not comfortable with the online process to delegate it to a trusted party.

The proof-of-concept is moving into its second phase, she said. This will be broader, involving the use of open banking APIs to provide selective access to information. For example, a customer might want to allow their spouse or accountant to authorise certain types of transaction rather than merely allowing them to view transactions, or an executive might want to give their administrative assistant certain rights.

"Potentially, the sky's the limit," said Maler, adding that organisations should give people control over their digital identities.

Another example comes from the health sector. A patient with a smart insulin pump typically interacts with a care team that has a fuzzy boundary: a doctor may go on leave, or a temporary nurse brought in to cover for illness. UMA can be used to provision access policies according to the relationship between the patient and caregiver.

Also in the Internet of Things space, Maler gave the example of a building fitted with smart thermostats. The tenants, the building manager and the electricity supplier may all want access but with various permissions. The building manager "owns" the thermostats, but individual tenants probably want to control the temperature in their apartments or offices. And with the tenants' and manager's permission, and in return for appropriate concessions, the electricity company might seek the ability to turn the thermostats by a degree or two during periods of peak power consumption.

Supporting UMA is made easier by the way many applications are now "API fronted," Maler said.

UMA is just as relevant to large enterprises looking for a way to control the internal use of their APIs. Where CASBs (cloud access security brokers) are designed to protect and assist access to cloud systems, organisations also need a simple, standards-based way to manage internal systems (eg, to allow selective access by an employee of a supplier or customer).


BACK TO HOME PAGE

NEW OFFER - ITWIRE LAUNCHES PROMOTIONAL NEWS & CONTENT

Recently iTWire remodelled and relaunched how we approach "Sponsored Content" and this is now referred to as "Promotional News and Content”.

This repositioning of our promotional stories has come about due to customer focus groups and their feedback from PR firms, bloggers and advertising firms.

Your Promotional story will be prominently displayed on the Home Page.

We will also provide you with a second post that will be displayed on every page on the right hand side for at least 6 weeks and also it will appear for 4 weeks in the newsletter every day that goes to 75,000 readers twice daily.

POST YOUR NEWS ON ITWIRE NOW!

INVITE DENODO EXECUTIVE VIRTUAL ROUNDTABLE 9/7/20 1:30 PM AEST

CLOUD ADOPTION AND CHALLENGES

Denodo, the leader in data virtualisation, has announced a debate-style three-part Experts Roundtable Series, with the first event to be hosted in the APAC region.

The round table will feature high-level executives and thought leaders from some of the region’s most influential organisations.

They will debate the latest trends in cloud adoption and technologies altering the data management industry.

The debate will centre on the recently-published Denodo 2020 Global Cloud Survey.

To discover more and register for the event, please click the button below.

REGISTER HERE!

BACK TO HOME PAGE
Stephen Withers

joomla visitors

Stephen Withers is one of Australia¹s most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences and a PhD in Industrial and Business Studies.

BACK TO HOME PAGE

Webinars & Events

VENDOR NEWS

REVIEWS

Comments