// Security Automaton extended for Chinese Wall Policy
// for one subject

ChineseWallPolicyChecker = List(ChineseWallAutomaton) EOF.
ChineseWallAutomaton = "Chinese" "Wall" "automaton" AutomatonName 
  "currentState" <currentState> State
  ["startState" <startState> State] 
  ["transitions" <transition> List(Transition)]
  "groups" <groups> List(Group)
  "citypes" <citypes> List(CIType)
  "history" <history> List(Access).

State = <g_accesses> List(Group) <t_accesses> List(CIType).
Access = ObjektId "group" Group.
Group = GroupName ["citype" CIType].
CIType = CITypeName.

Transition = <newAccess> Access.
// has boolean exec() method that checks Chinese Wall Policy:
// newAccess.group gives group g1
// if g1 in ChineseWallPolicyChecker.currentState ok else
// if g1.citype is different from previous types ok else denied

ObjektId = Ident.
GroupName = Ident.
CITypeName = Ident.
AutomatonName = Ident.

List(S) ~ "(" {S} ")".