Restricted Access
This property overrides the normal behaviour of Framework objects which is to inherit their use authority from their parent.
Normally, for example, if a user has authority to use an application, they will automatically have authority to use a business object in that application. But if the business object has Restricted Access checked, then it will not inherit USE authority from its parent application. The administrator will have to specifically authorize the user to that business object to allow the user to use it.
In most cases Restricted Access should be left unchecked, so that authorities specified at a higher level will cascade to all child objects. This makes authority specification easier.
There is one case however, where you may find it useful to check Restricted Access. Suppose you have already set up a Framework, all your users, and their authorizations. Now you wish to add a new object (application or business object or command ref) to the Framework. For this new object you do not want users who are authorized to its parent to automatically get authority to the new object. In this case you would check the new object's Restricted Access property.
This property is in the Commands Enabled tab and the Identification tab.