Overview#Resource Action is the specific Action that may be performed on a Target Resource.
Or Example we could have Resource Actions:
Though HTTP GET and HTTP DELETE coordinate well, HTTP POST, HTTP PUT, and HTTP PATCH aren’t directly synonymous with a single CRUD operation. For example, HTTP POST doesn’t necessarily only mean “Create”. It’s actually a very versatile method — so versatile that the entire SOAP protocol is tunneled through the HTTP POST method when used with HTTP.
Since HTTP Methods don’t map cleanly to CRUD, Ulsberg argues that API providers should consider how they might describe their APIs in a different way: "Don’t limit yourself to CRUD when you design a REST API. You should read the specification and understand the semantics of each method, and use it properly." What it comes down to is that REST is an Architecture Model, not a protocol.
More Information#There might be more information for this subject on one of the following:
- Access Control
- Consent Mechanism
- Contextual Attributes
- Lattice Based Access Control
- Next Generation Access Control
- Policy Based Management System
- WIKI-Security Policy
- Web Blog_blogentry_031017_1