Do we really need this level of sophisication? In my experience of this sort of system, it is the maintenance workload that can be onerus. Is enough of our sharing that sensitive that we need to add this burden to the system. Would PGP not be a simpler alternative?
Sorry if I sound negative. I see the need to protect so parts of the BAA business but I suggest some careful analysis of the costs/benefits before commiting to this solution.