This paper is made available for review purposes only.

Abstract With the advent of wide security platforms able to express simultaneously all the policies comprising an organization's global security policy, the problem of inconsistencies within security policies become harder and more relevant. We have defined a tool based on the CHR language which is able to detect several types of inconsistencies within and between security policies and other specifications, namely workflow specifications. Although the problem of security conflicts has been addressed by several authors, to our knowledge none has addressed the general problem of security inconsistencies, on its several definitions and target specifications. 1 Introduction Over the years several access control policies have been proposed in the literature. Although these policies cover many different situations and types of information, they are often considered in isolation, which is not suitable for organizations with complex structures, managing simultaneously several types of information, thus requiring the simultaneous use of different access control policies. Moreover, policies are often scattered over different environments, which makes understanding and managing of global policies much more difficult. Lately there has been a considerable interest in environments that support multiple and complex access control policies, [5, 11, 16, 13]. The goal of these environments is to provide support for the definition of all policies comprising the global security policy of an organization into one single platform, thus simplifying management and consistency maintenance