Access control model with provisional actions

In most access control systems, authorization is specified using binary dec isions, "yes" or "no," to the access requests resulting in access being per mitted or denied respectively. We argue that emerging Internet applications require that this binary decision be extended to "allow access provided so me actions are taken." We propose the notion of provisional actions that sp ecifies the necessary actions to be performed in addition to the binary dec ision and introduce an access control model for it. We also provide an admi nistrative model for policy management purpose.