In DTR you can specify which user should be allowed or denied to perform a certain task. To control access, the DTR defines a certain set of privileges, which you can then grant to or deny a user, who was authenticated by the User Management Engine (UME).