In this paper we presented a conceptual model for authorization in distributed systems. We introduced precise semantics for policy representation and evaluation. The semantics is defined independently from underling security mechanisms and is separate from implementation. The flexibility of the model makes it possible to represent existing access control mechanisms.
We believe that the model provides an effective way to understand and employ authorization policies in distributed systems.
We have begun to investigate the side-effects of the condition evaluation. Through the use of the side effects, in our current work we consider integrating intrusion and misuse detection systems with applications using our model.
We hope that this model will lead to other insights about authorization policies. We are looking for possible ways to restrict condition expressiveness to guarantee policy computability and polynomial-time decidability.