Dynamics in Delegation and Revocation Schemes: A Logical Approach