Negotiation of usage control policies - Simply the best?

Alexander Pretschner, Thomas Walter

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

9 Scopus citations

Abstract

The term "negotiation" suggests that multi-step bidirectional communication takes place. In this position paper, we play the devil's advocate and argue that (automated) policy negotiation essentially is one of the following, at least in the area of usage control. It can come down to a three-phase protocol that consists of a client request, a set of offers by the server, and the client's choice of an offer or to abort. Policy negotiation can also consist of a client request together with acceptable conditions plus the server's choice of one condition or to abort. In other words, negotiation of policies is a mere choice among alternatives; there is no negotiation in the intuitive sense of the word. - The goal of this position paper is to stimulate the discussion on what (automated) "policy negotiation" really is or can be.

Original languageEnglish
Title of host publicationARES 2008 - 3rd International Conference on Availability, Security, and Reliability, Proceedings
Pages1135-1136
Number of pages2
DOIs
StatePublished - 2008
Externally publishedYes
Event3rd International Conference on Availability, Security, and Reliability, ARES 2008 - Barcelona, Spain
Duration: 4 Mar 20087 Mar 2008

Publication series

NameARES 2008 - 3rd International Conference on Availability, Security, and Reliability, Proceedings

Conference

Conference3rd International Conference on Availability, Security, and Reliability, ARES 2008
Country/TerritorySpain
CityBarcelona
Period4/03/087/03/08

Fingerprint

Dive into the research topics of 'Negotiation of usage control policies - Simply the best?'. Together they form a unique fingerprint.

Cite this