A list of user IDs or user ID patterns, associated with a unit of data and one or more operations on that data, that grant or deny access to the specified data and operations. Similar lists are used to assign users to roles, especially data security and administration roles.
For example, in SQL, an ACL consists of a list of user IDs associated with a specific data access privilege that is granted or denied. In ABL, an ACL consists of a list of user ID patterns that might grant specified access permissions to some users, including groups of users, and deny the same access permissions to other users or groups of users. In both cases, the established user identity is tested against the appropriate ACL when it attempts to access a controlled resource.
