Abstract: A system and method for managing user access to objects in a computer system when a request to access the object is received. The user, operation and object are identified and matched against one or more Venn relationship rules to determine if they match any of the rules.