Departmental Papers (CIS)

Date of this Version


Document Type

Conference Paper


Copyright 2009 IEEE. Reprinted from:

Michael J. May, Carl A. Gunter, Insup Lee, Steve Zdancewic, "Strong and Weak Policy Relations," Policies for Distributed Systems and Networks, IEEE International Workshop on, pp. 33-36, 2009 IEEE International Symposium on Policies for Distributed Systems and Networks (POLICY), London, July 20-22, 2009.


This material is posted here with permission of the IEEE. Such permission of the IEEE does not in any way imply IEEE endorsement of any of the University of Pennsylvania's products or services. Internal or personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution must be obtained from the IEEE by writing to By choosing to view this document, you agree to all provisions of the copyright laws protecting it.

The shorter version of Technical report is available at:


Access control and privacy policy relations tend to focus on decision outcomes and are very sensitive to defined terms and state. Small changes or updates to a policy language or vocabulary may make two similar policies incomparable. To address this we develop two flexible policy relations derived from bisimulation in process calculi. Strong licensing compares the outcome of two policies strictly, similar to strong bisimulation. Weak licensing compares the outcome of policies more flexibly by ignoring irrelevant (non-conflicting) differences between outcomes, similar to weak bisimulation. We illustrate the relations using examples from P3P.


policy analysis, privacy policies



Date Posted: 06 October 2009

This document has been peer reviewed.