[UPDATED: 14. January 2015]
Early 2014 we organized a couple of webinars to hear about technologies that allowed to provide authentication of Internet of Things devices and to control access to resources. We learned more about OAuth, Kerberos, and the PKI/certificate model and all talks have been recorded and can be found at http://www.tschofenig.priv.at/wp/?p=1012
In a recent chat with Eve Maler, who co-chairs the Kantara User-Managed Access (UMA) working group, she volunteered to explain their ongoing work to us. Eve is employed by Forgerock, a company developing identity management solutions, and has been working in the identity management space for a very long time.
UMA is a profile and application of OAuth that defines how resource owners can control resource access by clients operated by arbitrary requesting parties, where the resources reside on any number of resource servers, and where a centralized authorization server governs access based on resource owner policy. Recent investigations have shown promise for applying UMA to Internet of Things authorization use cases.
The webinar took place on January 13th 2015 at 8am PST.