Management systems typically include a management authority (i.e., a management server) and multiple computers or computing devices. Entities or users are given selective access or authorization to the computing devices. In particular, access or authorization is given to applications, programs, and/or data provided by the computing devices.
Typically, authorization is given to users to perform a particular action, which is applied in general to all computing devices and/or applications in which the action applies. Authorization is not scoped to a particular class of computing devices and/or applications or scoped to a particular instance. A user may be given broader authorization than desired. The user may be able to access or control more applications and/or computing devices than the management authority desires.
In many instances it is desirable to scope or limit users to perform actions or have authorization as to specific computers and/or applications. Such authorization or scoping may be to a class space or an instance space. For example, this authorization may limit access of the user to a specific instance of a particular application provided by a particular computing device.