Rights: Under Copyright
Authors: Peters, J.; Rieke, R.; Rochaeli, T.; Steinemann, B.; Wolf, R.
Dates: 2022-03-07; 08.08.2006; 2005
URL: https://publica.fraunhofer.de/handle/publica/292598
DOI: 10.24406/publica-fhg-292598

The scope of the policy working group, in the context of the protocol engineering activities in the SicAri project, is to develop protocols for the negotiation and provisioning of policies in the SicAri architecture. This complements the research focused on policy patterns, the policy-refinement process, policy evaluation, and policy specification languages in other SicAri work packages. This report covers the latest research in the field of policy negotiation and the Web Service Policy Language (WSPL). Further, policy negotiating scenarios are described, SicAri platform bootstrapping is covered, and requirements for policy provisioning and service access in the SicAri platform are derived. After presenting the base technologies used throughout the SicAri framework, such as the Common Open Policy Service (COPS) protocol and extensions thereof, the main concepts of Role-Based Access Control (RBAC) and the Extensible Access Control Markup Language (XACML) are introduced.
Finally, the SicAri policy framework is presented, with a focus on the architecture and on the integration of the policy negotiation and provisioning protocol and the logical entities, such as policy enforcement points (PEPs) and the policy decision point (PDP), that use this facility.

Contents
1 Introduction
2 State of the Art
- 2.1 Web Service Policy Language
- 2.1.1 Elements of WSPL
- 2.1.2 WSPL Operators
- 2.1.3 Interpreting the WSPL Elements
- 2.1.4 Policy Negotiation
- 2.1.5 Conclusion
3 Policy Negotiating Scenarios
- 3.1 Bootstrapping
- 3.2 Policy Provisioning
- 3.3 Service Access
- 3.4 Derived Requirements
4 Technologies
- 4.1 The COPS (Common Open Policy Service) Protocol
- 4.1.1 The COPS outsourcing mode
- 4.1.2 The COPS provisioning mode
- 4.1.3 COPS-MU (mobile user) and COPS-MT (mobile terminal)
- 4.1.4 COPS inter-domain policy negotiation
- 4.2 Role-Based Access Control (RBAC)
5 SicAri Policy Framework
- 5.1 Policy negotiation between PDP and PEP
References
6 Appendix
- 6.1 Terminology and Abbreviations

Language: en
Keywords: security policy; web services; policy negotiation; security protocol
Classification: 006
Title: Protocols for policy negotiation
Type: report