In a distributed computing system services are provided by computing devices to other, potentially remote, client computing devices. Distributed computing has been found in many applications such as, for example, social networking, online digital mapping, video-sharing websites, collaborative software, remote printing etc. The provision of services in a distributed computing environment has been referred to as software as a service (SaaS). It is often desired to control the services which client computing devices may access, and those client computing devices which may access services.
Access control lists have been used to provide group security management. An access control list (ACL) provides a list of authorised entities as well as every object in the system. An access control monitor may look to the list and determine what entities can or cannot access, share or destroy any object. However use of ACLs requires a reasonable level of expertise and does not therefore offer a simple method to control access to services. Furthermore, the size of an ACL is related to the number of devices which have been granted access to objects in the system and may become large.