摘要 |
For allowing an effective handling of obligations a method for access control within a network, especially for control of access of a subject to a resource of the network, is disclosed, wherein a PEP (Policy Enforcement Point) sends an access request for evaluation to a PDP (Policy Decision Point) and wherein the PDP sends a reply which contains at least one obligation to the PEP. Whereby for specifying obligations a meta-language as for example OASIS XALML is used. |