Most security implementations support RBAC, or Role-Based Access Control. With roles, it's easy and intuitive to secure access to types, or classes, of data and operations. However, all but the most simplest systems tend to also need a secure access to specific instances of data, such as user profiles or account data. For example, each user may have an access to his or her "own" data, but not to anybody else's. Security frameworks typically require programmatic checks for instance-level access control, which is error prone and time consuming to implement. An Entity-Relationship Based Access Control (ERBAC) secures data instances based on their association with the currently executing subject. Tapestry-security-jpa is a JPA specific implementation of an ERBAC security system for instance level access control, and builds on top of tapestry-security module for Apache Tapestry 5.