“I’ve experienced quite a bit about how open source works. It’s been a wonderful learning experience for me and definitely turned me from someone who thought open source code and developers were somehow not as good as closed source equivalents into a person who knows that the opposite is most definitely the case!”(Mark Little, Red Hat, blog)
Indisputable fact of today’s worlds is an existence of many IT companies that based their success on the Open Source. Talend, Alfresco, Cloudera, Mozilla and last but not least: Red Hat/JBoss (How JBoss did it!) are great examples of that.
At the beginning of May 2011, the SMART team attended the Internet Identity Workshop in Mountain View, CA. This was a great opportunity to present our work and to discuss it with other people from the community. The team scheduled to give three presentations and a demo of the newly released SMARTAM application. During our presentations, we talked about User-Managed Access (UMA) and SMARTAM (an UMA-based Authorisation Manager).
The end of 2010 was very intense and interesting for the SMART project. We have attended three big events: Internet Identity Workshop 11, Devoxx and Middleware 2010 Conference. It was a great opportunity to get feedback on our current work as well as hear news from the Internet identity and the developers world.
At the beginning of November we went from windy and rainy Newcastle to Mountain View for the 11-th Internet Identity Workshop (IIW). Even though it takes about 15 hours to get there, we never regret meeting great people and hearing what new things are happening at Facebook, Google, Yahoo and within the whole identity ecosystem. Among many interesting presentations, personally I really liked the Janrain’s talk about social login and sharing for online retailers as well as Google’s presentation of results of their research on OpenID usability. Of course there was Eve Maler presenting User Managed Access. I am very happy that with every next IIW there are more people asking about UMA. We definitely need to speed up with our prototype implementation. Together with Maciej we did a session on our Java implementation of OAuth 2.0 – leeloo library. We discussed how to use leeloo to build OAuth clients, authorization and resource servers. Apart from that, there was a really great discussion with session attendees about good patterns of building OAuth enabled applications.
We hardly had time to rest after IIW because just a week later we went to Antwerp. This Belgium city hosted Devoxx, the biggest in Europe and world’s second conference for Java developers. With more than 100 speakers and 3000 attendees it is great place to discuss technical issues and hear opinions on UMA from the developer community. The SMART project did two presentation describing the UMA flow and showing prototype of UMA/j - a Java framework for building UMA compliant Web applications.
UMA/j framework was also a topic of our paper: Implementation of User-Managed Access Framework for Web 2.0 Applications that has been accepted for the Middleware for Service Oriented Computing (MW4SOC) Workshop at Bangalore, – the Sillicon Valley of India. Bangalore is a really crazy city, completely different from what I’ve seen in US or Europe. I made there a presentation, as well as showed a poster, explaining design and main components of the UMA/j framework. There were many people interested in how UMA tries to solve a problem of authorization and data sharing in the cloud.
We’re looking forward to 2011 when we hope to have at least the same amount of opportunities to present our work, get feedback and learn new things that will be beneficial for our research and the SMART project.
We’re pleased to announce that our talk titled “Introduction to UMA/j – User Managed Access framework” has been approved for the Devoxx conference that is taking place in Metropolis Antwerp in Belgium in November this year. We’ve submitted two proposals – one for the BoF session (1h long) and one for the Tools in Action session (30min session). Both proposals have been accepted.
It”s really great to be given the opportunity to discuss development with some of the best Java developers out there. We hope to increase interest in the UMA protocol and the library that we’re building here at Newcastle University as part of the SMART project. We’ll definitely appreciate the feedback of developers as well. So if you haven’t registered for Devoxx 2010 yet, now you have one more (great) reason to do so!
Last Friday, I presented the paper that I wrote with Prof. Aad van Moorsel on User-Controlled Access Management (aka User-Managed Access Control) at the ICDCS-SPCC 2010: The First Workshop On Security And Privacy In Cloud Computing. The workshop took place in the beautiful city of Genoa in Italy. I didn’t know what to expect from the event but it turned out to be very good! It started with a keynote by Prof. Pierangela Samarati (University of Milano) on “Protecting confidentiality in external data storage” followed by other really good presentations and the “New Research Directions of Security and Privacy in Cloud Computing” panel by Krishna Kant (Intel Research & NSF), Sabrina De Capitani di Vimercati (University of Milano) and Jack Brassil (HP Labs).
After the workshop I had a chance to talk to Prof. Samarati about her recent paper “”. We discussed the proposed approach to including credentials in access control policies. Most importantly, we talked about dialog management for which support within XACML has been discussed extensively. User-Managed Access supports dialog management with claims (see “Claims 2.0” specification). However, it leaves unspecified few crucials things that we need to discuss and incorporate into the specification. What I like in the approach that Prof. Samarati describes in her paper is that anyone can specify required attributes within access control policies but the types of these attributes may not be necessarily communicated to the Requester (and eventually Requesting Party). For example, the policy may define that anyone who can prove themselves to be over 18 years old should be able to access a particular resource. However, this information may not be communicated to the Requester. Rather than that, the authorization server may ask “What’s your age?” and decide based on the provided information. It can even ask “Hey! Tell me about yourself.” and then make an access control decision. The SMART team is planning to look at these features closely and to contribute to the Claims 2.0 specification. And of course, we’ll implement that! :)
BTW, the slides from my presentation and the final draft of the paper are available here. Want to provide feedback? Let me know!
Here are some photos from our trip to the User-Managed Access Workshop collocated with the European Identity Conference 2010 in Munich. Thanks Domenico! :)
Aad will be giving a presentation on “User Managed Access Control for Web 2.0 Applications” at Alcatel Lucent (US) on Wednesday. We should upload the slides shortly to http://bitbucket.org/smartproject/smart-resources. Me and Lukasz made some significant improvements to our demo application and applied some of the bits that are not yet in the UMA Core Protocol so we hope folks at Alcatel-Lucent enjoy the talk!
We have created a new repository for all SMART related resources at http://bitbucket.org/smartproject/smart-resources. You should be able to find all the presentations and documents there.
At the second day of Internet Identity Workshop X in Mountain View, CA we had a demo our prototype SMART project implementation (first known UMA implementation in Java!) It was quite a challenge for us as we had to explain the motivation behind UMA and describe the main SMART functionality in ONLY 5 minutes. In total, we showed more than ten demos within just one hour! Really exhausting. Our presentation methodology had to be changed, as we typically talk about SMART for two hours or more:). Anyway, it was really good to show people what we’ve done and gather some very useful feedback.
As for the feedback, the main was related to the usability of our system. Before you read further, take a moment to look as some of the screenshots from our presentations (here) and send us some comments! At the time of our demos at IIW, we did not have any fancy CSS applied and the entire interface of the AM did not look very appealing. I hope we can work on that shortly. Hopefully, we should be able to perform some usability studies on the UX of our prototype AM.
Eve Maler gave a presentation about Kantara User-Managed Access work during one of the sessions at the Internet Identity Workshop. This presentation included the Newcastle University presentation about the SMART project and our implementation. We are very happy that we had a chance to make the audience familiar with SMART and our effort to develop open source UMA libraries. It was a great experience to receive feedback from the community that works on user-centric identity and similar efforts.
UPDATE: You can see the slides from the presentation here.