Requirements for Framework

Policies protect system objects from inappropriate access
- Require ability to influence access control decisions and events
Policies may make decisions based on the properties of the objects, and policy-specific attributes of those objects
- Require the ability to inspect the objects themselves, and add labeling information to the objects

Policies protect system objects from inappropriate access