A security associations table is a type of table that
documents the relationships between a user and some criterion on which
you are making access distinctions. When access distinctions are
based on each user's place within an organizational hierarchy, the
security associations table must contain a representation of the reporting
relationships within the organization. If access distinctions are
based on some other criterion (such as each user's project assignments),
then the security associations table should reflect that criterion.