Many computer systems have to cope with a diverse set of users requesting access to resources stored within systems. An example of users requesting access involves requests to access a directory-based file system. In this situation, access may be determined by defining access boundaries through analysis of a straightforward hierarchical convention involving the resource.
As an illustration, FIG. 1 depicts a directory-based file system having a straightforward hierarchical convention 30 wherein its items have one parent. The top-level directory “C:\” 32 occupies the top position in the directory hierarchy and is a hierarchical parent of the subdirectories “MYDIR” and “PUBLIC” (34 and 36). Subdirectory MYDIR 34 is itself a parent of the “TEST1.XLS” file 38. Subdirectory PUBLIC 36 is a parent of the “TEST2.XLS” file 40 and “TEST3.XLS” file 42. This type of directory hierarchical structure allows for relatively straightforward security access due in part to the single parent nature of the items in the hierarchy. However, security access issues substantially increase in difficulty when a computer system involves more complex items and relationships.