The ACLManager in Business Process Server follows the butterfly modeling concept for security. This model gives you more flexibility and better control. In the butterfly model, users, resources and actions are the basic entities, and the relations between these entities are controlled by granting/revoking rights. In this model, users are the subjects of accesses, resources are the objects of accesses, and actions are the operations performed by the users on the resources. In Business Process Server, the users can be Business Process Portal users and/or groups, resources can be any of the Business Process Server components and/or resources, and actions are the list of possible operations you can perform on these resources. For more details about the Business Process Server resources and actions see,
Business Process Server resource hierarchy.