User Access Control Management System

Access control mechanisms are needed in almost every system nowadays to control what kind of access each user has to which resources and when. On the one hand access control systems need to be flexible to allow the definition of the access rules that are actually needed. But they must also be easy to administrate to prevent rules from being in place without the administrator realizing it. I present the implementation and architecture of a system that allows definition of access rights down to the single function and user level. I use hierarchies on users and groups, hierarchies on access rights and hierarchies on system page and function. These hierarchies allow a maximum of flexibility and still keep the system easy enough to administrate. User Access Control Management System supports positive as well as negative permissions.