When a Service Provider receives a report request from an Operator for a specific Consumer, they need to check that they are permitted to provide this.
Currently, in a stateless implementation of a SP, the whole Consumer tree for an OP needs to be pulled down. A simple association test result from the Data Engine would be helpful and may make security simpler.