Pavitra wrote:
There's little point in a security level higher than the power of the securing rule.
Actually, that's under the old system. Under the new system, there would be little point in a security level higher than the power of the rule defining security levels. (And so that rule should have Power 3, otherwise other rules with Power 3 can't use it to full effect.)
Oh yes, I meant to write in a clause about that. Append the sentence "A rule CANNOT specify a security level greater than its own power."
And so this makes some sense (assuming that security levels can ever be different from Power); we probably don't want a rule with Power 2 declaring a security level of 3. I hadn't considered the other direction (a rule declaring a security level lower than its Power). Now that I do, it seems equally pointless, e.g. why bother enshrining the basic behavior of some concept in a Power 3 rule if you're going to let Power 2 rules modify that behavior? In short, I don't see any good reason for a security level different from the securing rule's Power, in either direction, and so I don't see any good reason to define security level as a separate concept.
