In the dLibra system, access to resources is controlled with the use of permissions assigned to users or user groups. Resources are accessed in several steps. First, the system must determine the user’s identity. There are various methods of doing that. When the user’s identity is known, the system can carry out an authorization process consisting in, in general, verifying the user’s permissions to access the resource (function) of the system which the user wants to use. The dLibra system has a multi-level permission system, which is the basis for granting specific permissions to users. The authorization system is supported by a mechanism for creating user groups. If a permission is assigned to a group, every user belonging to that group automatically inherits that permission. Apart from the information in this chapter, we recommend reading the article about controlling access to resources which is published in the dLibra knowledge base.