During the last years service oriented architectures (SOA) have gained in importance, when looking at today's implementation of business processes. A SOA is a loosely coupled system of services, where a service is implemented by an agent. The protection of information and data objects and their well-directed flow are essential for the success of enterprises, which also applies to the communication inside a SOA. To guarantee an approved protection of data objects and to prevent an illegal information flow, approved security policy models are chosen that are suitable for the considered use case. The Limes Security Model  is based on a not necessarily symmetric, not necessarily reflexive and not necessarily transitive conflict of interest relation. The model is introduced for pure subject/object relationships, where agents are not taken into account. The current paper extends the Limes Security Model by the support of agents, suitable for the use in a SOA.
- information flow control
- principal agent theory
- security models
- service-oriented architectures