Application Security, Part 8


Access control lists are available in Windows NT, Windows 2000, Windows XP and Windows Server 2003.  They provide for what may be described as object-centric authorization, in which permissions are associated with objects, such as files and folders.  Object-centric authorization is of very limited interest to application developers, because it is difficult to decompose operations that a user of an application might want to perform into permissions on objects. 


[This posting is provided "AS IS" with no warranties, and confers no rights.]


Comments (3)

  1. Application Security and Active Directory

Skip to main content