Stumbled On#PrivacyLens gives users fine grained control of what information is sent from an identity provider to a service provider. It derives from, and augments the capabilities of uApprove. It is installed by embedding it into an existing installation of the Shibboleth Identity Provider.
- The user is informed about the release of his data (attributes) to a Service Provider (SP) when he accesses the SP for the first time or if his data changed.
- The administrator of an Identity Provider (IdP)
- gets a tool that implements data protection laws by enforcing user consent before personal user attributes are released to an SP
- knows when a particular user gave consent to release which attribute and value to a particular SP
From the user's point of view, uApprove is an application which presents him a webpage, on which
- he can globally accept the release of all his/her attributes to any Service Provider
- he has to accept the release of his/her attributes upon first access to a given Service Provider (if the global release has not been approved)