Access Models And Claims
*ACL-based:  Which principals can access this resource?
*Design center – protection “at-rest” resources
based on identifier claims
*Integrated policy store, decision and enforcement
*Can be mandatory or discretionary
*Capability-based:  Which resources accessible
by this principal?
*Design center – separation of policy store,
decision and enforcement
*Capability claims – codify access query, grant or unit of delegation
*Rich policy expression, enables distributed environment
*“Lock&Key” (hybrid)
*Design center – protection “in-motion” resources
*Expresses capability claims via cryptographic keys
*Policy reference is embedded into resource itself