There are several approaches which try to improve this
situation by addressing both, the of available as well as their consistency. However, they
mainly focus on security policies which control the processes
and not the data processes operate on. As a consequence
these security policies can only have low granularity. All
data processed by the application is subject to the same Popular examples include access rights
for address books. They often contain private, business, or
public contacts. Once access to this resource is granted data
with very dierent security requirements can be processed.