Control¶
Entitlement, privacy and business policies will be modeled in the EKG and automatically executed, enforced and audited at the Data Point level.
The EKG can use enterprise and organization knowledge to express access not only in terms of access control lists, but in terms of business rules, policies, logic and information content.
Rationale¶
Use of the EKG itself to control and enforce access allows more power and conciseness of policy expression and execution while linking to existing enterprise directories.
Implications¶
Appropriate enterprise directories should be integrated in the EKG. It can take some thought to design what the policies should be at the business level.