Hi Pubudu,

Thank you for your email. I hope at this point you may have tried out our IoT 
Server and the samples it provides. As you have figured out already, UMA is an 
Access Control Mechanism, that delegates management of access to personal 
information of users to themselves. 

So in this scenario that we have envisioned, a user may have a bunch of devices 
they registered  with IOT Server. For the purpose of this example, lets imagine 
one of these devices is a smart lock installed in the owner’s house, and their 
is a requirement for the owner to provide access to another party. With UMA, 
she can share control of the lock with the new tenant, by simply logging in to 
a device management dashboard. Lets assume the owner also has a baby monitor in 
the house and she can remotely monitor the video feed. She wants to share this 
video feed with a baby sitter, but she does not want to share control of the 
entire device, for example the third party shouldn’t be able to switch off/on 
the device. Going by the same mechanism quoted earlier, she can selectively 
grant/revoke to certain functionalities on the fly with the use of UMA. 
Another, usecase would be to group a set of devices or functions and share 
control or monitor data of the device as a whole. 

In the current implementation of the IoT Server, we already have support for 
grouping and sharing of devices, but this implementation is not UMA based. It 
is an implementation of our own. Going ahead with UMA would mean that we would 
have a more scalable approach to share access, and it would make things easier 
when dealing with sharing of devices between multiple groups with different 
access levels.

We already have a UMA implementation in WSO2 Identity Server in POC form, 
deliverable would be to do the changes on CDMF side to accommodate the 
transition to UMA, for sharing of devices, groups and data.

Ruwan Yatawara

> On Mar 20, 2017, at 11:59, Pubudu Meththananda <pubudurw...@cse.mrt.ac.lk> 
> wrote:
> Pubudu Mahesh Meththananda

Dev mailing list

Reply via email to