摘要 |
Implementations of various technologies, including methods, systems and apparatus, for managing a request from a user to access an object. In one implementation, a determination is made as to whether the user is denied or granted access to the object based on a policy (step a). If the user is neither denied nor granted access to the object by the policy, then a determination is made as to whether the user is granted access to the object by an access control list (ACL) for the object (step b). A conclusion is then made as to whether the user has access to the object as determined by steps (a) and (b). |