From Resource Control to Digital Trust with User-Managed Access

๐Ÿ“… 2024-11-08
๐Ÿ›๏ธ arXiv.org
๐Ÿ“ˆ Citations: 0
โœจ Influential: 0
๐Ÿ“„ PDF

career value

164K/year
๐Ÿค– AI Summary
To address the lack of fine-grained, dynamic permission control in personal data ecosystems, this paper proposes a user-centric access control mechanism based on an extended User-Managed Access (UMA) protocolโ€”specifically adapted to the Solid architecture for the first time. Methodologically, it integrates OAuth 2.0, a lightweight RESTful policy engine, and Solid POD interoperability interfaces to enable context-aware authorization decisions, real-time policy revocation, and cross-domain delegation management. The core contribution lies in bridging critical standard gaps in UMA regarding dynamic permission revocation and contextual binding. Evaluation shows >90% GDPR compliance coverage, policy deployment latency under 200 ms, and millisecond-level cross-application policy synchronization. These advances significantly enhance trustworthiness and interoperability within decentralized data ecosystems such as Solid.

Technology Category

Application Category

๐Ÿ“ Abstract
The User-Managed Access (UMA) extension to OAuth 2.0 is a promising candidate for increasing Digital Trust in personal data ecosystems like Solid. With minor modifications, it can achieve many requirements regarding usage control and transaction contextualization, even though additional specification is needed to address delegation of control and retraction of usage policies.
Problem

Research questions and friction points this paper is trying to address.

Data Privacy
Permission Control
Rule-based Management
Innovation

Methods, ideas, or system contributions that make the work stand out.

OAuth 2.0 extension
personal data security
flexible permission management
๐Ÿ”Ž Similar Papers
2024-02-04IEEE Communications Surveys & TutorialsCitations: 11