Reasoning about Relation Based Access Control