ACL authorization
If access control list (ACL) authorization is enabled, the identities and protection modes for some object types are administered through policies, which define permissions for roles; and rolemaps, which map the roles to principals.
You can use ACLs to protect the VOB object, policies, rolemaps, and elements (other object types, such as branch types and label types, must be secured by the protection mechanisms of the operating system; see Access control for other VOB objects for more information).
You administer policies and rolemaps using cleartool policy and rolemap commands or VersionVault Explorer GUIs.