About access control lists (ACLs) and security IDs
Page-level and data security use the same security mechanism in Actuate BIRT Designer: access control lists.
An access control list (ACL) is a list of security IDs that tells iServer which users have access to a particular item in a report or data object. A security ID can be either a user name or a role defined in iServer. Typically, you use roles because they are more permanent than user names. A role can be assigned to different users at different times as employees leave or change positions.
To implement page-level and data security in Actuate BIRT Designer, perform the following tasks:
For the item’s Access Control List Expression property, specify an expression that evaluates to a security ID or a list of security IDs.

Additional Links:

Copyright Actuate Corporation 2012