Next: Capability
Up: Policy Representation Issues
Previous: Policy Representation Issues
An ACL consists of a set of ACL entries. An ACL entry is analogous
to a policy element 4#4 in which every condition is an access identity.
Consider a policy: ``Tom and Bob can read and write file 1#1''. We can
translate this policy into our policy model as:
``Tom (condition 66#66) and Bob (condition 67#67) can read (positive
right 68#68) and write (positive right 69#69) file 1#1 (object 70#70)''. We
need four policy elements to represent this policy:
71#71
Specifying and storing the policy this way is tedious and inefficient:
the object and each access identity are repeated in every element.
To represent an ACL, we adopt three modifications to the representation of a
policy element 4#4 specified in ():
- An ACL is associated with each object, so the object is implicit and
is omitted from the policy elements.
- Conditions are listed first, then access rights. This order is closer
to the traditional ACL specification.
- Within a single entry, we allow a disjunction of either positive or negative access rights.
Now we need only two ACL entries to represent the policy:
72#72
Furthermore, if we allow conditions to be aggregated into a single entry
when the same set of access rights applies to all of them, we need only one
policy statement to represent the policy:
73#73.
The 32#32 function returns all policy statements associated with the
given object. The returned set of policies 74#74 conceptually
represents the ACL associated with the object 33#33.
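As an added example (not code from this page or from the author's system), the following Python models the transformation described above: the four-element policy for ``Tom and Bob can read and write file 1#1'', its reduction to per-identity entries with the object dropped and rights collected into a disjunction, the further aggregation of identities that share the same rights into one entry, and a lookup that returns the ACL of a given object. The names `PolicyElement`, `ACLEntry`, `naive_policy`, `to_acl`, `get_object_policy_info` and `check_access` are assumptions, as are the deny-overrides and default-deny semantics in `check_access`, which the page does not specify.

```python
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, FrozenSet, Iterable, List, Tuple


@dataclass(frozen=True)
class PolicyElement:
    """One policy element of the model: a condition (here always an access
    identity), one signed access right, and the object it applies to."""
    identity: str
    right: str
    positive: bool      # True for a positive right, False for a negative one
    obj: str


@dataclass(frozen=True)
class ACLEntry:
    """One ACL entry: conditions first, then a disjunction of rights of one
    sign. The object is implicit because the ACL hangs off the object."""
    identities: FrozenSet[str]
    positive: bool
    rights: FrozenSet[str]


def naive_policy(identities: Iterable[str], rights: Iterable[str],
                 obj: str) -> List[PolicyElement]:
    """The tedious form: one positive policy element per (identity, right) pair."""
    return [PolicyElement(i, r, True, obj) for i in identities for r in rights]


def to_acl(elements: Iterable[PolicyElement], obj: str) -> List[ACLEntry]:
    """Derive the ACL of obj from a flat set of policy elements.

    Step 1 drops the object and collects each identity's rights of each sign
    into one disjunction (two entries for the page's example). Step 2 merges
    identities that carry exactly the same rights of the same sign into a
    single entry (one entry for the page's example)."""
    rights_of: Dict[Tuple[str, bool], set] = defaultdict(set)
    for e in elements:
        if e.obj == obj:
            rights_of[(e.identity, e.positive)].add(e.right)
    holders_of: Dict[Tuple[bool, FrozenSet[str]], set] = defaultdict(set)
    for (identity, positive), rights in rights_of.items():
        holders_of[(positive, frozenset(rights))].add(identity)
    entries = [ACLEntry(frozenset(ids), positive, rights)
               for (positive, rights), ids in holders_of.items()]
    # Deterministic order: positive entries first, then by rights and identities.
    return sorted(entries, key=lambda a: (not a.positive,
                                          sorted(a.rights),
                                          sorted(a.identities)))


def get_object_policy_info(store: Dict[str, List[PolicyElement]],
                           obj: str) -> List[ACLEntry]:
    """Return all policy statements associated with obj, i.e. its ACL.
    The function name and the per-object store layout are assumptions."""
    return to_acl(store.get(obj, []), obj)


def check_access(acl: Iterable[ACLEntry], identity: str, right: str) -> bool:
    """Evaluate an ACL for one request. Deny-overrides and default-deny are
    assumptions of this example; the page does not define the semantics."""
    granted = denied = False
    for entry in acl:
        if identity in entry.identities and right in entry.rights:
            if entry.positive:
                granted = True
            else:
                denied = True
    return granted and not denied


if __name__ == "__main__":
    # Constructed input: the page's example plus one negative right for Bob.
    elems = naive_policy(["Tom", "Bob"], ["read", "write"], "file1")
    store = {"file1": elems + [PolicyElement("Bob", "write", False, "file1")]}
    for entry in get_object_policy_info(store, "file1"):
        print(sorted(entry.identities), "+" if entry.positive else "-",
              sorted(entry.rights))
```

Running the script prints one positive entry for both identities with both rights, followed by a negative entry denying Bob write; without the added negative element the whole policy collapses to a single ACL entry, as the page's count of one policy statement states.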
Tatyana Ryutov
2002-06-25