(Requirement) Access control rule evaluation must be highly scalable and responsive.
Access control for objects is evaluated for every object access in the DataONE infrastructure. As such, the mechanisms used to determine if a particular token (i.e. handle to an authenticated principle) must be very efficient and should not offer a barrier to the desired levels of access control in the system.
Access control should not be an impediment to effective use of the content available through DataONE.
Access control rules can be evaluted for any token in an average of xxx milliseconds
Access control rules must not take longer than xxx milliseconds to evaluate
Access control must not block critical operations (e.g replications, synchronization)