By Deane Barker

The granting of the ability (1) to a specific user, (2) to perform a specific action, (3) on a specific content object.

For example, Bob might have the ability to edit the Privacy Policy.

Permissions are usually granted in aggregate. For example, the Editors group has all permissions over all content. Or, Alice has publish permission on all content in the News section. Additionally, permissions on objects are often inherited from a parent object or folder, rather than being assigned directly.

The technical name for a single permission is an Access Control Entry which are then aggregated into access control lists. The effect of permissions in aggregate is known as the discipline of subsystem of authorization.

This is item #62 in a sequence of 102 items.

You can use your left/right arrow keys to navigate