Modelling Declassification Policies using Abstract Domain Completeness