Main = <s> String.

// Security Automaton extended for Chinese Wall Policy
// for one subject

ChineseWallPolicyChecker = List(ChineseWallAutomaton) EOF.
ChineseWallAutomaton = "Chinese" "Wall" "automaton" AutomatonName 
  "currentState" <currentState> State
  ["startState" <startState> State] // empty List(Group)
  "transition" <transition> Transition
  "groups" <groups> List(Group)
  "citypes" <citypes> List(CIType)
  "history" <history> List(Access).

State = <accesses> List(Group).
Access = ObjektId "group" Group.
Group = GroupName ["citype" CIType].
CIType = CITypeName.

Transition = <newAccess> Access.
// has boolean exec() method that checks Chinese Wall Policy:
// newAccess.group gives group g1
// if g1 in ChineseWallPolicyChecker.currentState ok else
// if g1.citype is different from previous types ok else denied

ObjektId = Ident.
GroupName = Ident.
CITypeName = Ident.
AutomatonName = Ident.

List(S) ~ "(" {S} ")". 


(
Chinese Wall automaton consultant_Mary
currentState
  (Shell)
startState
  ()
transition
  oid_research group Mobil
groups
  (Shell citype Oil Mobil citype Oil UBS citype Bank)
citypes
  (Oil Bank)
history
  (oid1 group Shell oid2 group Shell oid3 group Shell)

Chinese Wall automaton consultant_John
currentState
  (Winterthur AllState UBS)
transition
  oid_research group AllState
groups
  (AllState citype Insurance Wintherthur citype Insurance UBS citype Bank)
citypes
  (Insurance Bank Retail WholeSale)
history
  (oid1 group Winterthur oid2 group AllState oid3 group UBS )

Chinese Wall automaton consultant_Karl
currentState
  (Shell)
transition
  oid_research group Mobil
groups
  (Shell citype Oil Mobil citype Oil UBS citype Bank)
citypes
  (Oil Bank)
history
  (oid1 group Shell oid2 group Shell oid3 group Shell)
)