TY - GEN
T1 - Negotiation of usage control policies - Simply the best?
AU - Pretschner, Alexander
AU - Walter, Thomas
PY - 2008
Y1 - 2008
N2 - The term "negotiation" suggests that multi-step bidirectional communication takes place. In this position paper, we play the devil's advocate and argue that (automated) policy negotiation essentially is one of the following, at least in the area of usage control. It can come down to a three-phase protocol that consists of a client request, a set of offers by the server, and the client's choice of an offer or to abort. Policy negotiation can also consist of a client request together with acceptable conditions plus the server's choice of one condition or to abort. In other words, negotiation of policies is a mere choice among alternatives; there is no negotiation in the intuitive sense of the word. - The goal of this position paper is to stimulate the discussion on what (automated) "policy negotiation" really is or can be.
AB - The term "negotiation" suggests that multi-step bidirectional communication takes place. In this position paper, we play the devil's advocate and argue that (automated) policy negotiation essentially is one of the following, at least in the area of usage control. It can come down to a three-phase protocol that consists of a client request, a set of offers by the server, and the client's choice of an offer or to abort. Policy negotiation can also consist of a client request together with acceptable conditions plus the server's choice of one condition or to abort. In other words, negotiation of policies is a mere choice among alternatives; there is no negotiation in the intuitive sense of the word. - The goal of this position paper is to stimulate the discussion on what (automated) "policy negotiation" really is or can be.
UR - http://www.scopus.com/inward/record.url?scp=49049119105&partnerID=8YFLogxK
U2 - 10.1109/ARES.2008.163
DO - 10.1109/ARES.2008.163
M3 - Conference contribution
AN - SCOPUS:49049119105
SN - 0769531024
SN - 9780769531021
T3 - ARES 2008 - 3rd International Conference on Availability, Security, and Reliability, Proceedings
SP - 1135
EP - 1136
BT - ARES 2008 - 3rd International Conference on Availability, Security, and Reliability, Proceedings
T2 - 3rd International Conference on Availability, Security, and Reliability, ARES 2008
Y2 - 4 March 2008 through 7 March 2008
ER -