Skip to Main Content
Access control is the central mechanism for achieving security requirements in information systems. The guarantee of the security requirements, described by access control policies (ACPs), cannot be obtained when there exist conflicts in ACPs. In this paper, we propose an improved access control model that is flexible and effective for conflict analysis of ACPs. We analyze three types of policy conflicts in this model, which are modality conflict, redundancy conflict and potential conflict, and then the respective resolution methods are proposed. Finally, we prove that these methods can effectively resolve conflicts in ACPs, and that after resolving the potential conflicts, the policies cannot derive any actual conflict.