ITrust workshop Glasgow 2-4 Sep 2002

bullet1 1st breakout session: architectures

bullet2 Emil Lupu - Ponder

Policy as parameterized type; e.g. kids=video(chan,12:00-18:00), etc.

Obligations and Authorizations

Filtering policies

Delegation policies

...etc


Can be aggregated into roles


Beyond roles:

relationships, etc


Conflicts and policy analysis (e.g. separation of duties)


Relationship to trust:  as a constraint on authorization

Trust refines into a set of policies  [or is it the other way round? A: it's all the same thing [cool!]]