Abstract: 

DYNIDENT is a program installed with privilege that lets selected
unprivileged users grant/revoke selected rights identifiers. This
lets the proper 'data owners' (e.g. project leaders) dynamically
change access to files without bothering the system manager.

Unlike AUTHORIZE, DYNIDENT keeps track of time/date for when an
identifier was granted to a particular user, and also records
which user used DYNIDENT to grant the identifier. Users allowed
to 'control' identifiers through DYNIDENT can also list grants
already in effect, which identifiers they are allowed to control,
other users that can control a given identifier, etc.

The system manager must maintain a text file which defines who
can control which identifiers with DYNIDENT. The concept of 
'controller of a given identifier' is added to the existing VMS
concepts of 'identifier holder', 'identifier' and 'access control
list'.