[WG-UMA] Cloud-enabled Enterprise API Security & UMA
mario.hoffmann at aisec.fraunhofer.de
Fri Jun 15 13:33:00 EDT 2012
That's a very interesting enterprise use case. I will definitely have a
closer look at it :)
So far I was a bit skeptical that enterprise scenarios can be addressed
by UMA appropriately since there is such a lot of commercial solutions
around role-based access control, enterprise rights management, mobile
device management, and corporate identity management.
May be exactly this large amount of different solutions could be our
advantage if we could simplify administrators' life with a UMA
integration ... and, additionally, decrease the number of consultants
you need to master all the dependencies above ;)
Cheers and a nice weekend
Am 15.06.2012 16:25, schrieb Domenico Catalano:
> here is a new scenario with possible implication for Cloud-enabled
> Enterprise use case:
> The Organization X decides to extend own business leveraging a Cloud
> computing platform and the mobile.
> Basically, they decide to expose (RESTful) APIs for mobile application
> integration, to allow external mobile apps access to the platform.
> They protect the API platform using CopMonkey's Authorization Manager.
> They develop a mobile app that use the API platform.
> A Requesting Party (Bob) downloads and installs the mobile app on his
> Any interaction with the API platform will be authorized by the AM,
> which is able to verify the claims provided by the Requester (on behalf
> of the Requesting Party).
> Does it make sense ?
> WG-UMA mailing list
> WG-UMA at kantarainitiative.org
Mario Hoffmann (Dipl.-Inform.)
Head of Department "Secure Services & Quality Testing"
** Please make note of our new name Fraunhofer AISEC,
formerly Fraunhofer SIT-Munich
Fraunhofer Research Institution AISEC
Parkring 4, 85748 Garching near Munich (Germany)
Tel: +49 (0)89/ 322 9986-177 (fixed)
+49 (0)151/121 68100 (mobile)
More information about the WG-UMA