# data for example domain 2

@keywords a.

@prefix owl: <http://www.w3.org/2002/07/owl#> .
@prefix rdfs: <http://www.w3.org/2000/01/rdf-schema#> .
@prefix rbac:  <http:/dig.csail.mit.edu/2007/rowlbac/approach2/rbac#> .
@prefix ex:  <http:/dig.csail.mit.edu/2007/rowlbac/approach2/ex1domain#> .
@prefix :  <http:/dig.csail.mit.edu/2007/rowlbac/approach2/ex1data#> .

# possible roles
Mary rbac:role ex:Faculty, ex:Student. # if activated together dynamic separation of duty
Karen rbac:role ex:Student, ex:PrincipalInvestigater. # violation: static separtion of duty
Ted rbac:role ex:Faculty. 

PrintOnFacultyPrinter a rbac:Action.

# faculty have the permission to print on faculty printer
@forAll SUBJ.
{ SUBJ rbac:activeRole ex:Faculty.
} => { [] a PermittedAction; subject SUBJ; object PrintOnFacultyPrinter }.

#ends