Techniques for implementing a node-based access control system are described herein. In various embodiments, a server computer stores a node based access control policy system wherein each node identifies a resource and an access control policy for the resource. The server computer identifies an access control policy for a first node and an identifier of a second node wherein the second node is a parent node to the first node. The server computer maps an effective access control policy identifier to the access control policy for the first node and the identifier of the second node. The server computer stores data associating the effective access control policy identifier with the first node. The server computer identifies an access control policy for a third node and an identifier of the second node, wherein the second node is a parent node to the third node and wherein the access control policy for the third node is equivalent to the access control policy for the first node. The server computer then stores data associating the effective access control policy identifier with the third node.
展开▼
