Trust negotiation I: S -> C. Access Control
Service has established access control policy.
- To avoid trivialities, we assume that the access control policy does not permit anonymous use.
- The request is rejected, and the client is asked to provide more information.
- The policy may be confidential by itself, so a sanitized version is sent to client.
- Sanitized version must be sufficiently specific to enable client to provide necessary credentials.
- PRIME engine must ensure that no unnecessary credentials are requested.
Service has established privacy policy.