Delegation Of Obligations
POLICY '02: Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)(2002)
摘要
Obligation policies are one main means of exercising control within an organisation. They specify the actions that some subject has to perform. The authority over these actions needs to be specified in authorisation policies. Current policy notations provide us with the needed structure to represent authorisations and obligations as policy objects for distributed systems management. They support the delegation of authorisations but not of obligations. Yet, there is a strong relationship between the two policy types and the delegation of obligations needs to be supported as well, requiring the introduction of a new type of policy which we call a "review".This paper investigates the general principles underlying the delegation of policy objects, putting specific emphasis on the delegation of obligations. The Alloy specification language is used to specify and illustrate these principles. The main issues that will be discussed are: the balance between authorisation and obligation policies; the source of obligations and reasons for their delegation; the need for review policies to help control the delegation of obligations.
更多查看译文
关键词
DP management,authorisation,distributed processing,formal specification,specification languages,Alloy specification language,action authority specification,authorisation delegation,authorisation policies,distributed systems management,obligation delegation,obligation policies,obligation source,policy object delegation,review policies,
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络