What is the difference between * and None in ACL?

Kannan Nair
Tera Contributor

I have read many articles on this but still have some doubts. In a developer instance I have created 2 read ACLs, one with None and the other with *. The None one is granting the read access and the * one is not. Which one is a field-level and which one is a table-level ACL?

10 REPLIES

PRAVEEN REDDY M
Tera Contributor

ACL stands for Access Control List.

ACLs provide security for its data. They can be applied to individual records and fields within those records.

(Security access to users)

Types:

1. Table level, record level, field level

None —table level

*  — field level

CRUD permissions with the help of a role

>>>> (table.none and table.* without acl access to everyone that table and all fields access to abel) (table.none (no role) and table.* (with role) then only table access to abel, no fields access)

Whenever a table is created, four ACLs are automatically created along with one role (if Control >> access control is on); off means no ACLs get created, even for a new table.

At least one role (ACL) is needed to see a table. If a new table is created with the create ACL box unchecked, and a new ACL is created on that table (table.none) with no role, then everybody gets access (even without a role).

>>> security_admin role: allows the user to modify the Access Control List

 

The user must pass both: first the table-level (table.none) and second the field-level ACLs (table.* or table.fieldname).

table(*) dot none is created by ServiceNow to restrict users without admin, so they cannot access the table level either.

If you check the create access controls box, then four ACLs are created (read, write, delete, create) at the time of new table creation. If you uncheck it, no ACL is created.

For a single table, different access is possible: ACL create - itil, ACL read - admin, ACL delete - itil admin also possible

Order of ACL evaluation: (role, condition, script)

Access Control Rules allow access to the specified resource if all three of these checks evaluate to true:

  1. The user has one of the roles specified in the Role list, or the list is empty.
  2. Conditions in the Condition field evaluate to true, or conditions are empty.
  3. The script in the Script field (advanced) evaluates to true, or sets the variable "answer" to true, or is empty.

table.none (all users, without role)

table.* (all users, without role)

Query BR for record-level security.
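
The two-level check and the role/condition/script test described in the answer above, as a simplified model. This is an added example, not part of the original thread and not ServiceNow's engine or API. The `u_demo` table, its fields, the `u_demo_user` role, the `table.None` rule naming, and the two fallback behaviours marked in the comments are assumptions for illustration.

```javascript
// Simplified model of the evaluation described in this thread.
// Not ServiceNow's engine or API; all names below are constructed.

// One rule passes only if role, condition and script checks all pass (empty = pass).
function aclPasses(acl, user, record) {
  const roleOk = acl.roles.length === 0 || acl.roles.some((r) => user.roles.includes(r));
  const conditionOk = !acl.condition || acl.condition(record) === true;
  const scriptOk = !acl.script || acl.script(user, record) === true;
  return roleOk && conditionOk && scriptOk;
}

// Returns null when no rule has this name, else whether any rule with it passes.
function evaluate(acls, name, operation, user, record) {
  const matching = acls.filter((a) => a.name === name && a.operation === operation);
  if (matching.length === 0) return null;
  return matching.some((a) => aclPasses(a, user, record));
}

// Table level: the table.None rule decides (assumption: no rule means deny).
function canReadTable(acls, table, user, record) {
  return evaluate(acls, `${table}.None`, 'read', user, record) === true;
}

// Field level: table.None must pass first, then table.<field> if defined, else table.*.
function canReadField(acls, table, field, user, record) {
  if (!canReadTable(acls, table, user, record)) return false;
  let result = evaluate(acls, `${table}.${field}`, 'read', user, record);
  if (result === null) result = evaluate(acls, `${table}.*`, 'read', user, record);
  return result === null ? true : result; // assumption: no field rule, table result stands
}

// Constructed sample: table rule without a role, wildcard field rule with a role.
const acls = [
  { name: 'u_demo.None', operation: 'read', roles: [] },
  { name: 'u_demo.*', operation: 'read', roles: ['u_demo_user'] },
  { name: 'u_demo.u_owner', operation: 'read', roles: [], condition: (rec) => rec.active },
];
const abel = { roles: [] };
const itilUser = { roles: ['u_demo_user'] };
const record = { active: true, u_owner: 'abel', u_notes: 'internal' };

console.log(canReadTable(acls, 'u_demo', abel, record));            // table-level check
console.log(canReadField(acls, 'u_demo', 'u_notes', abel, record)); // falls to u_demo.*
console.log(canReadField(acls, 'u_demo', 'u_owner', abel, record)); // specific field rule
console.log(canReadField(acls, 'u_demo', 'u_notes', itilUser, record));
```

With these sample rules, a user without roles passes the table-level rule but is stopped by the role on the wildcard field rule, which matches the behaviour the question describes.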