Key points are not available for this paper at this time.
Conventional authorization mechanisms provide actors with permissions to act, without the actor ever incurring any obligations as a result of executing the permitted action. There exist, however, many situations where system integrity requires that certain actions always be followed by others, within some reasonable time frame. We propose an extension to conventional authorization which allows the explicit association of obligations with permissions, and enforces them. We demonstrate that the extended mechanism can be used to support and enforce several general types of control policies and integrity constraints which are otherwise difficult or impossible to support.
Minsky et al. (Thu,) studied this question.