Identity at the Center Identity at the Center #48 - Eve Maler, IAM UMAnitarian
Jun 15, 2020
In this conversation, Eve Maler, CTO at ForgeRock and founder of the User-Managed Access (UMA) workgroup, delves into the evolution of identity standards. She critiques the hype around blockchain identity and discusses the rise of consent failures, urging a rethinking of consent models. Eve also shares insights from the ForgeRock 2020 Consumer Identity Breach Report, linking breach costs to digital transformation trends. Plus, she previews her upcoming panel at Identiverse on next-gen authorization. Get ready for a fascinating journey through the IAM landscape!
AI Snips
Chapters
Transcript
Episode notes
UMA’s Origin And Purpose
- UMA began at the Internet Identity Workshop to give people control over their own data and built on top of OAuth and OpenID Connect.
- Eve describes UMA enabling Alice-to-Bob sharing and a unified dashboard without aggregating all data into one place.
Standards Succeed By Solving Right Problems
- Standards succeed when they solve the right problem and get sedimented into other specs over time.
- Eve cites UMA contributing dynamic client registration that later became part of OAuth.
How Eve Entered IAM
- Eve recounts being pulled into IAM at Sun and helping form the OASIS security services committee that produced SAML.
- She earned the nickname "XML girl" while defining XML and later chaired the SAML effort in 2000–2001.