The working environment of e-business is characterized by open networks and cross-company business transactions, replacing closed and monolithic systems. In this environment, secure data access is a central aspect of doing business. As a result, access to digital information is typically managed using one or more authorizations. Also, in the world of Web services, access will depend more and more on authorization. In this environment, ways of rationalizing the authorization process and authorization status will be key.
Some existing systems manage authorizations by assigning information instances (such as a document) to an actor in the system (such as a user). This approach is used in role-based access management systems. As another example, some existing systems assign particular actors to individual instances. This approach is implemented in the “access control lists” used in products from Microsoft Corp.