P.E.CcuS.9
Client Client should not control access to its own service Service: the domain model does not support situations where a client makes authN/authZ decisions for itself. This would create ambiguous dependencies that cannot be resolved in the current models of client credential sharing, forwarding and exchange. Delete the 'controls' relationship from Client to Service, and have some other process control access (or leave the service to handle authentication and authorization decisions for itself).