... people^2.1

or the processes on their behalf

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

... objects^2.2

persons and users are both treated as objects

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

... (obligation^2.3

In contrast to obligation policies by the Imperial College, negative obligation policies are not used.

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

... discussions^2.4

Thanks to Cheh Goh, Adrian Baldwin and Marco Cassasa Mont from the Hewlett-Packard Laboratories, Bristol

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

... space^2.5

Authorisation policies express this by having the domain scope expression ``any'' as subject.

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

...DAC^3.1

MAC stands for Mandatory Access Control, DAC stands for Discretionary Access Control, and I&A stands for Identification and Authentication

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

... OMT^4.1

Object Modelling Technique

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

... delegation^4.2

Delegation and transfer of responsibility are used as follows:

$\forall$ A delegate (resp R, B)	$\Longleftrightarrow$	isresp (resp R, A)	$\wedge$	isresp (resp R, B)
$\forall$ A transfer (resp R, B)	$\Longleftrightarrow$	$\neg$ isresp (resp R, A)	$\wedge$	isresp (resp R, B)

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

... Team^6.1

URL: http://wwwmnmteam.informatik.uni-muenchen.de

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

... functionality^6.2

The only exception to this is the Persistence Service.

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

... DHCP^6.3

Dynamic Host Configuration Protocol

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

... MAC^6.4

Medium Access Control - layer 2 in the ISO-OSI network reference model

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

... additionally^6.5

The constraint expressions of the policy are evaluated before the policy finally is enforced.

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

... policies^6.6

In subsection  an ambiguity of the semantics between authorisation policies and obligation policies as used in the NoCScontrol is discussed.

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

... semantics^6.7

i.e. best effort, exactly once, at most once, etc.

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.