ACLs are used to grant or revoke access to resources, data, and systems based on a user’s or group’s identity.