Role-based Management Requirements

Authentication and authorization
SP administrators with read/write access to policies and read to devices
SP administrators with read/write access to devices
Customer have read access to his policy and his dedicated devices
etc

Re-use existing Radius/Tacacs authentication servers

Common hierarchical & grouping mecanisms

Logging of administrators actions