Resolving constraint conflicts

Trent Jaeger, Reiner Sailer, Xiaolan Zhang

Research output: Contribution to conferencePaperpeer-review

25 Scopus citations


In this paper, we define constraint conflicts and examine properties that may aid in guiding their resolution. A constraint conflict is an inconsistency between the access control policy and the constraints specified to limit that policy. For example, a policy that permits a high integrity subject to access low integrity data is in conflict with a Biba integrity constraint. Constraint conflicts differ from typical policy conflicts in that constraints are never supposed to be violated. That is, a conflict with a constraint results in a policy compilation error, whereas policy conflicts are resolved at runtime. As we have found in the past, when constraint conflicts occur in a specification a variety of resolutions are both possible and practical. In this paper, we detail some key formal properties of constraint conflicts and show how these are useful in guiding conflict resolution. We use the SELinux example policy for Linux 2.4.19 as the source of our constraint conflicts and resolution examples. The formal properties are used to guide the selection of resolutions and provide a basis for a resolution language that we apply to resolve conflicts in the SELinux example policy.

Original languageEnglish (US)
Number of pages10
StatePublished - 2004
EventProceedings on the Ninth ACM Symposium on Access Control Models and Technologies, SACMAT 2004 - Yorktown Heights, NY, United States
Duration: Jun 2 2004Jun 4 2004


OtherProceedings on the Ninth ACM Symposium on Access Control Models and Technologies, SACMAT 2004
Country/TerritoryUnited States
CityYorktown Heights, NY

All Science Journal Classification (ASJC) codes

  • Computer Science(all)


Dive into the research topics of 'Resolving constraint conflicts'. Together they form a unique fingerprint.

Cite this