Integrating Policy with Applications and Distributed System Services

The Origin of This Work

Conclusion: Integration is hard to do

Today’s security deployment

The goal of our work (and outline)

Our focus for integration

Generic Authorization and Access-control API

Extended Access Control Lists

Specification of Conditions

Credential transport (needed)

Integrating other services (future)

Application based ID

Electronic commerce

Dynamic Policy Evaluation

Status

Summary