Definition
Separation of Duty
Separation of duty is a security policy that requires multiple distinct subjects to complete a sensitive task, reducing the risk of fraud or error.
For example, a check over $10,000 may be valid only if signed by two different authorised people. The policy involves role membership and inequality constraints.