scope:

The present document will provide the requirements on distributed enforcement environments, taking into account attached policies as well as frameworks with dedicated enforcement and decision points. The requirements of the decision making process has been covered in [i.1].

The present document will not only deal with the requirements of the architecture and the information carried in the decision, but will take into account the requirements regarding specification of the obligations exchanged.

It is assumed that the different entities especially those described as policy enforcement points (PEP) and policy decision points (PDP) have a mutual trust relationship, on which they rely on with respect to decision being made and enforced accordingly. The basis of these trust relationships could be based on legal agreement and/or unforgeable audit trails.