I want to implement such a complex SoD rule in RSA
This is my case, I have three application roles A1,A2 and A3
Having A1 and A2 or A1 and A3 or A2 and A3 is not a violation but when the user have the three roles together is a violation.
So I defined my SoD rule like this :
Entitelment Set 1
groups in (('App1 ADC','A1'))
and groups in (('App1 ADC','A2'))
Entitelment Set 2
groups in (('App1 ADC','A3'))
When I run the test any violation is detected, even my user have these 3 roles.