Information and knowledge are assets. Therefore, authorization conflicts about information flow are subject to security concerns. The protection of information flow in a decentralized system is an important security objective in the business world. Once information is given away, there is an asymmetric relationship between the owner and the recipient of the information, because the owner has no control over a proper use or misuse by the recipient. The Common Limes Security Model (the Limes model for short) presented in this paper is a substantial extension of a simple model. It provides provable policies for asset (information) flow control. Rule elements are history and conflict functions maintained by the asset owners and protected by contracts between communication partners. If correctly implemented and enforced the rules of the Limes model guarantee the protection of assets from an unauthorized flow. They allow an information object to stay in a secure state in a decentralized, i.e. in an insecure environment. This paper defines the model and proves the security of its rules.