DKAL is a new expressive declarative authorization language for distributed systems. It is designed with user-centric access control in mind, and it features targeted communication and nested quotations. Knowledge plays a key role in DKAL. In principle, every principal computes "his" own knowledge. A resource manager permits the use of the resource if he concludes, on the basis of information available to him, that the permission should be granted. DKAL rests on the firm foundation of existential fixed-point logic. It has not been implemented yet.
Gates 4B (opposite 490)