Maintenance of security of electronic documents such as files is an important aspect of any multiuser system. Various users may have various access rights for a given document. For example, some users may be denied access to it, some may be allowed to only read it, some may be allowed to read as well as modify it whereas some others may be able to only execute it. Both the maintenance of the access rights of the various uses for the different documents stored on the system as well as controlling document access in accordance with these stored access rights are crucial for a successful system operation.
Document management systems, or file management systems, also to be referred to as file server security systems, e.g., SharePoint, have an established paradigm of applying security policies providing access to files. Each document and folder has an “Access Control List” (ACL), which specifies users and groups who have access to the document and folder, and security access rights they have to the document and folder. Documents in folders inherit permissions of the folder and may override the privileges of an individual document, if necessary. This paradigm works well for some situations; however it only provides a hierarchal approach to applying security access policies to documents and folders in a document management system. This approach becomes less effective when administrators need to apply different security policies to each document, which makes defining the security access policies very time consuming.
Therefore there is a need in the industry for developing an improved process for providing security access policy in a document management system.