Information vulnerability is a major concern for IT security managers and maintaining a secure system without “IP leakage” is a primary goal. Access and permissions to data are controlled by different services within Aras Innovator. In order to have access to data, users must have permissions through the so-called domain access control (DAC) and/or through the role-based permissions. In addition, a user must satisfy any applicable mandatory access control (MAC) policy. This presentation will explain the different access and permission services and show implementation examples.