"... In PAGE 35: ...Table1... ..."

"... In PAGE 11: ... All of these contributory factors were made more likely by the lack of a formal permission to work scheme of lockout procedures for ad hoc maintenance such as that performed on the circuit breakers. Table3 presents some of the results of mapping these causal factors back to violations in the IEC 61508 lifecycle requirements. A justification helps others to understand why investigators identified particular problems in the development or operation of the system.... In PAGE 14: ...Investigators can use the causal summary chart illustrated in Table3 to help identify potential recommendations. Table 4 illustrates one format that can be used to document and justify domain and incident dependent recommendations.... ..."

"... In PAGE 6: ... There are no inherent constraints on the number of roles and permissions, or on the relationships betweens the roles or permissions. To illus- trate our implementation, consider a simple example with a single user with three roles and a Grid resource with three permissions, as shown in Table1 and 2 respectively. The role and permission hierarchies for this example are shown in figure 9.... ..."

"... In PAGE 4: ...Table 3: Example of an administrative permission Table3 shows an example permission. It authorises an ad- ministrator to view and change users, assign and deassign roles, and view roles and their assignments for the cost cen- ters 521, 5211 and 523 from the scope hierarchy in figure 4.... ..."

"... In PAGE 9: ...NET it is possible to provide just append access to a file. Table3 reveals that both platforms suffer from the lack of a systematic design in their permissions. Many of these permissions are based on protecting methods provided by the platform API, rather than protecting security-critical resources.... ..."