Slide 16 of 30
Notes:
DSPís can implement additional security as they wish. This can use the info held in Athens profiles or could re-challenge using alternative schemes - can be userid/password or certificates or whatever.
Access to secure documents can be handled by ATHENS or via local dsp mechanisms eg ACL. Decision is DSPís. If handled by ATHENS then hierarchy of resources to match hierarchies of document access need to be created. ACLís probably easier
