Background: At many universities and colleges today, a user doesn't have say in the release of their personal information (e.g. email address) to a vendor site that is in a relationship with the institution.
The CAR system:
- enables user choice (“consent”) about release of their personal information on a per vendor site basis.
- balances institutional policies with a user's policies.
- works across all browsers and devices.
- is protocol agnostic: can work with SAML-based Identity Providers and OAUTH/OIDC Resource Servers
- can be used in a variety of "user not present" scenarios, including bulk feeds to external providers, provisioning, and scientific batch programs.
- is open-source; currently being deployed at a major US University.
This site offers information about CAR. Most of the information is intended for people who already are familiar with "identity management," but we give a bit more background for normal people immediately below. We follow the background material with a brief overview of CAR's component services. The bottom of the pages contains links to in-depth technical information about CAR (e.g architecture and policy language documents).
The user's policy choices are permit, deny, "ask me" and "use my institution's advice." For example:
The institution's policy choices are permit and deny.
CAR's policy language document describes the policy statements in glorious, geeky detail.
CAR Components: three separate, but interacting services. These are:
Consent Policy Service For Users (COPSU):
Stores user policies (including “ask me”) with respect to release of specific values of attributes– or OAUTH scopes or OIDC claims – to specific relying parties (RPs).
Answers queries about a given user’s choices with respect to a given RP, and a specific set of attributes/scopes/claims.
Doesn’t hold a user's actual attribute values; instead holds the release policy around the attributes and their values.
Attribute Release Policy Service For Institutions (ARPSI):
Stores Institutional attribute release policies about users, attributes, values, and relying parties (RPs).
Answers queries about the institutional choices with respect to a given user, a given RP, and a specific set of attributes.
Consent-informed Attribute Release Manager (CARMA)
- Handles all UI interactions with end users on their policy choices
- Handles all UI interactions with administrators who set institutional or user attribute release policies.
- Handles requests for decisions on attribute release from callers (e.g. IdPs) via requests to the ARPSI and COPSU.
Holds and applies a "meta policy" to decide what to do when institutional and user policies conflict.
Takes care of authenticating and authorizing identity providers, users, and admins, so that the COPSU and ARPSI don't have to.
Please see the Scalable Consent site.