The overall objective of this research project is to develop a general administrative method and tool for the definition and composition of access control policies in centralized and distributed computer systems. Specifically, the administrative method and tool will allow the definition and composition of a family of separation-of-duty (SoD) policies in role-based, access control (RBAC) systems. The method and tool will be general in the sense that it will allow the definition and composition of a family of SoD policies on different RBAC systems. Although most commercial computer systems support applications that implement their own security policies that are composed with the underlying operating system policy, the result of such composition, and that of composing different application policies with each other within the same systems, is generally unknown and can often lead to security exposure. To date, the systematic definition of families of application-oriented security policies, such as separation of duty, and their composition remains an elusive goal because of the lack of practical methods and administrative tools. The growing commercial interest in this area is largely due to the wide-spread recognition that Web servers may need to support different application policies atop common operating system platforms and networks. COMMERCIAL APPLICATIONS: The security policy definition and composition method and tool, when fully implemented, will provide a significant measure of confidence in the integrity and security of computer systems and network (e.g., world wide web) applications. As such, they will be marketed to both software producers and security service providers to make possible the enforcement and administration of single and composed separation-of-duty policies, and to help eliminate errors that lead to security exposures. The security policy definition and composition method and tool will also facilitate the development of separation-of-duty profiles by any industry, business, or government organization under the framework of the Common Criteria for information security technology