ITrust workshop Glasgow 2-4 Sep 2002

bullet1 1st breakout session: architectures

bullet2 Emil Lupu - Ponder

Policy as parameterized type; e.g. kids=video(chan,12:00-18:00), etc.

Obligations and Authorizations

Filtering policies

Delegation policies


Can be aggregated into roles

Beyond roles:

relationships, etc

Conflicts and policy analysis (e.g. separation of duties)

Relationship to trust:  as a constraint on authorization

Trust refines into a set of policies  [or is it the other way round? A: it's all the same thing [cool!]]