Traditional access control or authorisation regimes allow you to set up rules so that content stored in a particular place can only be accessed by people with particular permissions. The approach has never quite met the requirements of professional services and other businesses, and it is likely that the model will need radical rethinking to cope in a world where tags and other metadata, rather than folders, are used to navigate information.
In knowledge-based industries the value of sharing information is so immense that a 'for your eyes only' approach to authorisation impedes productivity and innovation. Requirements for confidentiality in professional services and other businesses are often linked to information barriers (aka Chinese walls).
Authorisation rules based on information barriers are very different from the traditional drive/folder/group permissions. We need access controls to deal with rules that can be expressed as 'content tagged with client A cannot be viewed by people tagged with client B'. The underlying exclusion principle and the dynamic nature of this kind of authorisation regime make it difficult to represent in permission schemes that follow the file structure paradigm.
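The exclusion rule quoted above can be evaluated directly over tags at request time. The sketch below is an added example, not part of the original post: the class names, tag strings and sample data are hypothetical, and it assumes a wall applies in both directions and that anything not excluded is shared.

```python
from dataclasses import dataclass, field


@dataclass(frozen=True)
class ExclusionRule:
    """Content carrying content_tag is hidden from people carrying person_tag."""
    content_tag: str
    person_tag: str


@dataclass
class BarrierPolicy:
    rules: set = field(default_factory=set)

    def add_wall(self, tag_a, tag_b):
        # Assumption: an information barrier excludes in both directions.
        self.rules.add(ExclusionRule(tag_a, tag_b))
        self.rules.add(ExclusionRule(tag_b, tag_a))

    def violated_rules(self, content_tags, person_tags):
        # A rule fires when the content and the person each carry its tag.
        hits = [r for r in self.rules
                if r.content_tag in content_tags and r.person_tag in person_tags]
        return sorted(hits, key=lambda r: (r.content_tag, r.person_tag))

    def can_view(self, content_tags, person_tags):
        # Default is to share; only an explicit exclusion denies, and a
        # single hit overrides any other tag the person holds.
        return not self.violated_rules(content_tags, person_tags)


def demo():
    """Constructed sample data: one wall between two clients."""
    policy = BarrierPolicy()
    policy.add_wall("client:A", "client:B")
    memo = {"client:A", "topic:merger"}
    newsletter = {"topic:tax-update"}
    bob = {"client:C"}
    before = policy.can_view(memo, bob)
    # Bob is staffed on client B: only his tags change, not the memo
    # and not any folder permission.
    bob = bob | {"client:B"}
    return {
        "memo_before": before,
        "memo_after": policy.can_view(memo, bob),
        "newsletter_after": policy.can_view(newsletter, bob),
    }


if __name__ == "__main__":
    print(demo())
```

Because the decision is computed from the current tags on each request, re-tagging a person changes what they can see immediately, which is the dynamic behaviour that folder and group permissions struggle to express.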
The collaborative tools that are put to inspiring use on the open internet need authentication and authorisation in place before they can migrate to the enterprise. Or better still, they need to integrate with existing authentication and authorisation infrastructure. But what if the organisation's existing permissioning infrastructure does not reflect the way information barriers are put in place and content is profiled?