•(Request) A service
provider can ask an authority one of these
questions:
–What
authentication info do you have for this ___ subject?
–For this ___
subject, what are his values for these ___ attributes?
–Should this
___ subject be allowed to take these ___ actions on this ___ resource?
•(Response) An
authority can make these statements:
–This ___ subject was authenticated on this ___ datetime, using this ___ mechanism.
–This ___
subject has this ___ value for this ___ attribute.
–For this ___ subject, taking this ___ action on this ___ resource, the decision is ___.
–