It is common for large organizations to operate numerous computers linked together by one or more data communication networks. A large part of the operation of the computers may be controlled by application software programs that allow the computers to perform desired functions. In some organizations, the total number of application programs may be in the hundreds.
In many cases, each application program is accessible by a considerable number of users. Conventional computer system security practices call for access to each application program to be limited to a specific list of users. It is also frequently the case that among authorized users of an application program, various levels of access may be defined. Typically, a data structure known as an “access control list” is associated with each application program that runs on a computer of the computer system. The access control list stores data that identifies authorized users of the application program, and if appropriate also indicates the level of access assigned to each authorized user.
Although the access control list mechanism allows for assignment of user access on an application-by-application basis, it is not conducive to global management and oversight of access assignments across application programs. Among other shortcomings of access control lists, such lists do not in themselves allow system administrators to ensure that undesirable combinations of assignments are not made: each list is evaluated in isolation, so a user's combined assignments across several application programs are never examined together.
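As an added illustration (not part of the original text), the following Python models one access control list per application program, as the text describes, and then performs the cross-application check that a single list cannot: it inverts the lists by user and reports any user holding an undesirable combination of assignments. The application names, users, access levels and forbidden pairs are constructed for the example.

```python
# Added example: per-application access control lists as plain dicts, plus a
# global check for "undesirable combinations" of assignments that no single
# ACL can express on its own. All names and rules below are constructed.
from collections import defaultdict

# One ACL per application program: user -> access level.
ACLS = {
    "payments-entry":    {"alice": "write", "bob": "write", "carol": "read"},
    "payments-approval": {"alice": "approve", "dave": "approve"},
    "hr-payroll":        {"bob": "admin", "erin": "read"},
}

# Global constraints: a single user must not hold both (application, level)
# assignments of any pair. These span applications, so they are invisible
# to any one ACL evaluated in isolation.
FORBIDDEN_PAIRS = [
    (("payments-entry", "write"), ("payments-approval", "approve")),
    (("payments-entry", "write"), ("hr-payroll", "admin")),
]


def assignments_by_user(acls):
    """Invert per-application ACLs into user -> set of (application, level)."""
    by_user = defaultdict(set)
    for app, acl in acls.items():
        for user, level in acl.items():
            by_user[user].add((app, level))
    return dict(by_user)


def find_violations(acls, forbidden_pairs):
    """Return sorted (user, assignment_a, assignment_b) tuples for every user
    who holds both halves of a forbidden pair across the applications."""
    by_user = assignments_by_user(acls)
    violations = []
    for user, held in by_user.items():
        for a, b in forbidden_pairs:
            if a in held and b in held:
                violations.append((user, a, b))
    return sorted(violations)


if __name__ == "__main__":
    for user, a, b in find_violations(ACLS, FORBIDDEN_PAIRS):
        print(f"{user}: {a[0]}/{a[1]} conflicts with {b[0]}/{b[1]}")
```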