Zend_Acl provides a lightweight and flexible access control list
(ACL) implementation for privileges management. In general, an
application may utilize such ACL's to control access to certain
protected objects by other requesting objects.
For the purposes of this documentation:
a resource is an object to which access is controlled.
a role is an object that may request access to a Resource.
Put simply, roles request access to resources. For example, if a parking attendant requests access to a car, then the parking attendant is the requesting role, and the car is the resource, since access to the car may not be granted to everyone.
Through the specification and use of an ACL, an application may control how roles are granted access to resources.