#
# example domain 1

@keywords a.

@prefix owl: <http://www.w3.org/2002/07/owl#> .
@prefix rdfs: <http://www.w3.org/2000/01/rdf-schema#> .
@prefix rbac:  <http:/dig.csail.mit.edu/2007/rowlbac/approach1/rbac#> .
@prefix :  <http:/dig.csail.mit.edu/2007/rowlbac/approach1/ex1domain#> .

# role descriptions 
# for each role, you need an active role which is
# associated using activeForm prop

# US person 
USPerson rdfs:subClassOf rbac:Role.
ActiveUSPerson a rbac:ActiveRole;
     rdfs:subClassOf USPerson.
USPerson rbac:activeForm ActiveUSPerson.

# citizen, subclass of US Person
Citizen rdfs:subClassOf USPerson.
ActiveCitizen a rbac:ActiveRole;
   rdfs:subClassOf Citizen.
Citizen rbac:activeForm ActiveCitizen.

# resident, subclass of US Person
Resident rdfs:subClassOf USPerson.
ActiveResident a rbac:ActiveRole;
   rdfs:subClassOf Resident.
Resident rbac:activeForm ActiveResident.

# permanent resident, subclass of Resident
PermanentResident rdfs:subClassOf Resident.
ActivePermanentResident a rbac:ActiveRole;
   rdfs:subClassOf PermanentResident.
PermanentResident rbac:activeForm ActivePermanentResident.

# temporary resident, subclass of Resident
TemporaryResident rdfs:subClassOf Resident.
ActiveTemporaryResident a rbac:ActiveRole;
    rdfs:subClassOf TemporaryResident.
TemporaryResident rbac:activeForm ActiveTemporaryResident.

# business visa holder, subclass of Temporary Resident
BusinessVisaHolder rdfs:subClassOf TemporaryResident.
ActiveBusinessVisaHolder a rbac:ActiveRole;
   rdfs:subClassOf BusinessVisaHolder.
BusinessVisaHolder rbac:activeForm ActiveBusinessVisaHolder.

# visitor, subclass of US Person
Visitor rdfs:subClassOf USPerson.
ActiveVisitor a rbac:ActiveRole;
    rdfs:subClassOf Visitor.
Visitor rbac:activeForm ActiveVisitor.

# static separation of duties
# you cannot be both a permanent resident and a citizen
#PermanentResident owl:disjointWith Citizen.
#Visitor owl:disjointWith Citizen.

# static separation of duties
# you cannot be both a resident and a citizen
Resident owl:disjointWith Citizen.

# dynamic separation of duties
# though you can be a visitor and a permanent resident, you can't activate both these
# roles at the same time
#ActivePermanentResident owl:disjointWith ActiveVisitor.
ActiveVisitor owl:disjointWith ActiveTemporaryResident.

#ends