The PolicyMgmtAPI in the Java SDK is what you are looking for. I have done this sort of thing with the Perl PolicyMgmtAPI (get trusted host, get agent, etc...)
If you want to do this from the Policy Server it is pretty easy. If you plan on implementing this type of thing in an application server you will need to also create a 4.x agent in order to communicate with the Policy Server for the PolicyMgmtAPI calls.