[Openid-specs-heart] A few comments on Alice Consents to Clinical Research [UMA]

Eve Maler eve.maler at forgerock.com
Mon Feb 1 22:34:05 UTC 2016


Now that we've discussed the IRB possibly being the AS operator, that would
put them in a pretty significant UMA-visible role! However, if the clinical
researcher is truly "out of band of the use case" as Glen states in the
writeup, and they only have a paper (or non-UMA) relationship with the CDRN
vs. interacting in any UMA flows, then they don't have an UMA role by
definition.

This is the beauty of swimlanes: They force us to figure it out. :-)


*Eve Maler*ForgeRock Office of the CTO | VP Innovation & Emerging Technology
Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl
New ForgeRock Identity Platform <https://www.forgerock.com> with UMA support
<https://www.forgerock.com/platform/user-managed-access/> and an OpenUMA
community <https://forgerock.org/openuma/>!

On Mon, Feb 1, 2016 at 2:30 PM, Debbie Bucci <debbucci at gmail.com> wrote:

>
>
> >> CDRN: RqP? (is that what you meant by RP? could be RqP/client for our
> purposes, assuming a specialty client) -  believe that is the point Josh
> was making as well ... for the current use case the CDRN the client/RqP
>
> AS operator could map to multiple roles (s)
>
>  Not certain researcher and/or IRB  (involvement/role) should be
> altogether silent.   Permitting a CDRN to query for some type of data
> without registering/logging some identifier to point to the originator
> triggering the query is worrisome to me.  I do not know enough about Query
> - perhaps that requirement satisfied with queryID
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-heart/attachments/20160201/c58cfbda/attachment.html>


More information about the Openid-specs-heart mailing list