General Requirements
Need ability to establish a set of information which defines who is able to complete an access attempt ("Access Policy")
Need to establish some basic (but extensible) list of access constraints.
[Next]