1. Field of the Invention
The present application relates generally to access control lists and other databases.
2. Description of the Background Art
A relation may be defined as a set of n-tuple elements. More particularly, a binary relation may be defined as a set of pairs (2-tuple) elements. Many databases, including access control lists (ACLs), are binary relations or contain binary relations.
In a simple access control system, an ACL keeps track of the user accounts (users) that have permission to use a given resource. The resource may be a file, or a network machine (with an internet protocol address), or a service provided by a port on a network machine, for example.
Such an ACL may have a very large number of entries. As a simple example, if one thousand users each had permission to use one thousand different resources, then the ACL would have a total of one million (one thousand multiplied by one thousand) entries. As the number of users and the number of resources grow, the size of this representation becomes extremely large and unwieldy.
Management of access control lists and other databases becomes more difficult with their increasing size. Moreover, redundant representation of information causes difficulty in the maintenance of such databases.