diff --git a/src/satellite/src/db/store.rs b/src/satellite/src/db/store.rs
index 6ef640391..e6d87b721 100644
--- a/src/satellite/src/db/store.rs
+++ b/src/satellite/src/db/store.rs
@@ -11,8 +11,8 @@ use crate::db::types::state::Doc;
 use crate::db::utils::filter_values;
 use crate::list::utils::list_values;
 use crate::msg::{COLLECTION_NOT_EMPTY, ERROR_CANNOT_WRITE};
+use crate::rules::assert_stores::{assert_create_permission, assert_permission, public_permission};
 use crate::rules::types::rules::{Memory, Permission, Rule};
-use crate::rules::utils::{assert_create_rule, assert_rule, public_rule};
 use crate::types::core::{CollectionKey, Key};
 use crate::types::list::{ListParams, ListResults};
 use candid::Principal;
@@ -84,7 +84,7 @@ fn get_doc_impl(
     match value {
         None => Ok(None),
         Some(value) => {
-            if !assert_rule(&rule.read, value.owner, caller, controllers) {
+            if !assert_permission(&rule.read, value.owner, caller, controllers) {
                 return Ok(None);
             }
 
@@ -258,15 +258,15 @@ fn assert_write_permission(
     user_timestamp: Option<u64>,
 ) -> Result<(), String> {
     // For existing collection and document, check user editing is the caller
-    if !public_rule(rule) {
+    if !public_permission(rule) {
         match current_doc {
             None => {
-                if !assert_create_rule(rule, caller, controllers) {
+                if !assert_create_permission(rule, caller, controllers) {
                     return Err(ERROR_CANNOT_WRITE.to_string());
                 }
             }
             Some(current_doc) => {
-                if !assert_rule(rule, current_doc.owner, caller, controllers) {
+                if !assert_permission(rule, current_doc.owner, caller, controllers) {
                     return Err(ERROR_CANNOT_WRITE.to_string());
                 }
             }
diff --git a/src/satellite/src/db/utils.rs b/src/satellite/src/db/utils.rs
index 666b390fe..c629409d7 100644
--- a/src/satellite/src/db/utils.rs
+++ b/src/satellite/src/db/utils.rs
@@ -1,7 +1,7 @@
 use crate::db::types::state::Doc;
 use crate::list::utils::matcher_regex;
+use crate::rules::assert_stores::assert_permission;
 use crate::rules::types::rules::Permission;
-use crate::rules::utils::assert_rule;
 use crate::types::core::Key;
 use crate::types::list::ListParams;
 use candid::Principal;
@@ -27,7 +27,7 @@ pub fn filter_values(
             filter_key_matcher(&regex_key, key)
                 && filter_description_matcher(&regex_description, &doc.description)
                 && filter_owner(owner, &doc.owner)
-                && assert_rule(rule, doc.owner, caller, controllers)
+                && assert_permission(rule, doc.owner, caller, controllers)
         })
         .map(|(key, doc)| (key.clone(), doc.clone()))
         .collect()
diff --git a/src/satellite/src/rules/assert.rs b/src/satellite/src/rules/assert_rules.rs
similarity index 100%
rename from src/satellite/src/rules/assert.rs
rename to src/satellite/src/rules/assert_rules.rs
diff --git a/src/satellite/src/rules/utils.rs b/src/satellite/src/rules/assert_stores.rs
similarity index 81%
rename from src/satellite/src/rules/utils.rs
rename to src/satellite/src/rules/assert_stores.rs
index ed7ee5777..3bfc2ea30 100644
--- a/src/satellite/src/rules/utils.rs
+++ b/src/satellite/src/rules/assert_stores.rs
@@ -6,13 +6,13 @@ use shared::controllers::is_controller;
 use shared::types::state::Controllers;
 use shared::utils::principal_equal;
 
-pub fn assert_rule(
-    rule: &Permission,
+pub fn assert_permission(
+    permission: &Permission,
     owner: Principal,
     caller: Principal,
     controllers: &Controllers,
 ) -> bool {
-    match rule {
+    match permission {
         Permission::Public => true,
         Permission::Private => principal_equal(owner, caller),
         Permission::Managed => principal_equal(owner, caller) || is_controller(caller, controllers),
@@ -22,8 +22,12 @@ pub fn assert_rule(
 
 /// If a document or asset is about to be created for the first time, it can be initialized without further rules unless the collection is set as controller and the caller is not a controller.
 /// This can be useful e.g. when a collection read permission is set to public but only the administrator can add content.
-pub fn assert_create_rule(rule: &Permission, caller: Principal, controllers: &Controllers) -> bool {
-    match rule {
+pub fn assert_create_permission(
+    permission: &Permission,
+    caller: Principal,
+    controllers: &Controllers,
+) -> bool {
+    match permission {
         Permission::Public => true,
         Permission::Private => true,
         Permission::Managed => true,
@@ -31,8 +35,8 @@ pub fn assert_create_rule(rule: &Permission, caller: Principal, controllers: &Co
     }
 }
 
-pub fn public_rule(rule: &Permission) -> bool {
-    matches!(rule, Permission::Public)
+pub fn public_permission(permission: &Permission) -> bool {
+    matches!(permission, Permission::Public)
 }
 
 pub fn is_known_user(caller: Principal) -> bool {
diff --git a/src/satellite/src/rules/mod.rs b/src/satellite/src/rules/mod.rs
index 546705d3b..fdc682e1b 100644
--- a/src/satellite/src/rules/mod.rs
+++ b/src/satellite/src/rules/mod.rs
@@ -1,6 +1,6 @@
-mod assert;
+mod assert_rules;
+pub mod assert_stores;
 pub mod constants;
 pub mod impls;
 pub mod store;
 pub mod types;
-pub mod utils;
diff --git a/src/satellite/src/rules/store.rs b/src/satellite/src/rules/store.rs
index 3656bd8ee..c4945dd1d 100644
--- a/src/satellite/src/rules/store.rs
+++ b/src/satellite/src/rules/store.rs
@@ -1,6 +1,8 @@
 use crate::db::store::{delete_collection, init_collection};
 use crate::memory::STATE;
-use crate::rules::assert::{assert_memory, assert_mutable_permissions, assert_write_permission};
+use crate::rules::assert_rules::{
+    assert_memory, assert_mutable_permissions, assert_write_permission,
+};
 use crate::rules::constants::SYS_COLLECTION_PREFIX;
 use crate::rules::types::interface::{DelRule, SetRule};
 use crate::rules::types::rules::{Memory, Rule, Rules};
diff --git a/src/satellite/src/storage/store.rs b/src/satellite/src/storage/store.rs
index a1984038f..9ae670aab 100644
--- a/src/satellite/src/storage/store.rs
+++ b/src/satellite/src/storage/store.rs
@@ -12,8 +12,10 @@ use shared::types::state::Controllers;
 use shared::utils::principal_not_equal;
 use std::collections::HashMap;
 
+use crate::rules::assert_stores::{
+    assert_create_permission, assert_permission, is_known_user, public_permission,
+};
 use crate::rules::types::rules::{Memory, Rule};
-use crate::rules::utils::{assert_create_rule, assert_rule, is_known_user, public_rule};
 use crate::storage::constants::{
     ASSET_ENCODING_NO_COMPRESSION, BN_WELL_KNOWN_CUSTOM_DOMAINS, ENCODING_CERTIFICATION_ORDER,
     ROOT_404_HTML, ROOT_INDEX_HTML,
@@ -191,7 +193,7 @@ fn delete_asset_impl(
     match asset {
         None => Err(ERROR_ASSET_NOT_FOUND.to_string()),
         Some(asset) => {
-            if !assert_rule(&rule.write, asset.key.owner, caller, controllers) {
+            if !assert_permission(&rule.write, asset.key.owner, caller, controllers) {
                 return Err(ERROR_ASSET_NOT_FOUND.to_string());
             }
 
@@ -267,7 +269,10 @@ fn secure_create_batch_impl(
 ) -> Result<u128, String> {
     let rule = get_state_rule(&init.collection)?;
 
-    if !(public_rule(&rule.write) || is_known_user(caller) || is_controller(caller, controllers)) {
+    if !(public_permission(&rule.write)
+        || is_known_user(caller)
+        || is_controller(caller, controllers))
+    {
         return Err(UPLOAD_NOT_ALLOWED.to_string());
     }
 
@@ -440,7 +445,7 @@ fn secure_commit_chunks(
 
     match current {
         None => {
-            if !assert_create_rule(&rule.write, caller, controllers) {
+            if !assert_create_permission(&rule.write, caller, controllers) {
                 return Err(ERROR_CANNOT_COMMIT_BATCH.to_string());
             }
 
@@ -465,7 +470,7 @@ fn secure_commit_chunks_update(
         return Err("Provided collection does not match existing collection.".to_string());
     }
 
-    if !assert_rule(&rule.write, current.key.owner, caller, controllers) {
+    if !assert_permission(&rule.write, current.key.owner, caller, controllers) {
         return Err(ERROR_CANNOT_COMMIT_BATCH.to_string());
     }
 
diff --git a/src/satellite/src/storage/utils.rs b/src/satellite/src/storage/utils.rs
index 09ffbb0bf..600a5a419 100644
--- a/src/satellite/src/storage/utils.rs
+++ b/src/satellite/src/storage/utils.rs
@@ -1,6 +1,6 @@
 use crate::list::utils::matcher_regex;
+use crate::rules::assert_stores::assert_permission;
 use crate::rules::types::rules::Permission;
-use crate::rules::utils::assert_rule;
 use crate::storage::types::interface::{AssetEncodingNoContent, AssetNoContent};
 use crate::storage::types::state::FullPath;
 use crate::storage::types::store::Asset;
@@ -61,7 +61,7 @@ pub fn filter_values(
                 && filter_full_path(&regex_key, asset)
                 && filter_description(&regex_description, asset)
                 && filter_owner(*owner, asset)
-                && assert_rule(rule, asset.key.owner, caller, controllers)
+                && assert_permission(rule, asset.key.owner, caller, controllers)
         })
         .collect()
 }