SharePoint Permissions... Part 2
 
Dependencies and descriptions
Most of the permissions are dependent on other permissions. When choosing a permission which has dependencies on other permissions, these are automatically selected.
For permissions who have dependencies, visit the following link:
http://office.microsoft.com/en-us/sharepointtechnology/HA101001491033.aspx#3
Tips on Administration of SharePoint Permissions

It is suggested that at the beginning one uses the standard SharePoint groups which are site name owners, site name members, site name visitors. It is recommended to make most users as visitors or members...
Ideally, the administrator will create groups in order to manage user as it is rarely feasible to maintain user accounts directly.
·         Anyone with Manage Permissions permission is able to create SharePoint groups and assign permission levels.
·         List/Library admins can restrict permissions to their items by adding or removing users/groups. The same applies for list item or document creators.
SharePoint supports the following kinds of identity management systems as authentication providers:
·         Windows: this is the default option. In most networks Active Directory is used as the sort of Windows credentials. This works well with SP however, it is not a requirement.
·         Non-Windows: This is form-based authentication. ASP.NET login forms are used to access some kind of identity management system.
·         Windows trusted: example: Single Sign-On Service. This allows users to access SharePoint’s resources without making use of the user’s actual credentials.
 
SharePoint’s Authorization Modelimg406/7233/62836941gh3.png
Principal – users granted permission to access the source.
Permission Level – this is the set of individual permissions associated with a principal. These permissions are individual rights such as view page or add item permission.
Securable object – the resources you can limit access to in SharePoint