Skip to content
SynAc
Term

constraint

A limitation on the function of an identity, role, or privilege. (See: rule-based access control.)

Senses

(I) /access control/

A limitation on the function of an identity, role, or privilege. (See: rule-based access control.)

Tutorial: In effect, a constraint is a form of security policy and may be either static or dynamic:

  • "Static constraint": A constraint that must be satisfied at the time the policy is defined, and then continues to be satisfied until the constraint is removed.
  • "Dynamic constraint": A constraint that may be defined to apply at various times that the identity, role, or other object of the constraint is active in the system.
References
  • IETF RFC 4949 (Internet Security Glossary)Jan 06, 2026
    RFC 4949 — Internet Security Glossary (Version 2)
    https://www.rfc-editor.org/rfc/rfc4949.txt
    RFC 4949 is published by the IETF Trust and marked as "Distribution of this memo is unlimited". Verify IETF Trust copyright/licensing terms for reuse.
    Source: IETF RFC 4949 (rfc-editor.org).