Citation: ZHANG Ai-juan, GAO Jing-xiang. Conflict Detection Method for Security Rules Based on Semantics[J]. Microelectronics & Computer, 2011, 28(10): 67-70,74.

Conflict Detection Method for Security Rules Based on Semantics

  • Abstract: Policy-based management can meet the loose-coupling requirements of complex distributed systems. To meet their complex security needs, especially the requirement for fine-grained access control over resources, the security policy must describe fine granularity not only for the data itself but also for the public interfaces of that data. This paper therefore extends the RBAC model with a view concept to describe fine-grained objects. To verify the correctness of policy rules, the paper uses constraint states and rule states to analyze several kinds of conflict caused by the hierarchy and operation associations of subject and object attributes. Lexical and syntax analysis decomposes policy documents into access control elements. Using the decomposition results, conflict detection algorithms based on semantic graphs detect and locate the conflicts in a policy.

     
