UApprove serves the following purposes:
- The user is informed about the release of his data (attributes) to a Service Provider (SP) when he accesses the SP for the first time or if his data changed.
- The administrator of an Identity Provider (IdP)
- gets a tool that implements data protection laws by enforcing user consent before personal user attributes are released to an SP
- knows when a particular user gave consent to release which attribute and value to a particular SP
From the user's point of view, UApprove is an application which presents him a webpage, on which
- he can globally accept the release of all his/her attributes to any Service Provider
- he has to accept the release of his/her attributes upon first access to a given Service Provider (if the global release has not been approved)