In apstrata, data & digital assets are persisted in a database container called a Store. Individual data items persisted in a Store are called Documents.
All Documents saved in an apstrata Store are secured individually with ACLs (from wikipedia: Access Control Lists), allowing developers to specify the Users and/or Groups that can view, update or delete a Document, or more granularly individual fields within that Document. In addition, apstrata provides a "gate" ACL system per Store, allowing a developer to decide the Users and/or Groups that are permitted globally to create, read, update or delete documents on that Store.
A developer can create any number of Stores (limited only by his apstrata account type) to persist different types of data from his application, this would be dictated by security, scalability or application partitioning reasons. As an example the developer might create a Store called PO for his purchase orders repository and another one called Catalog for his inventory description and images.
Apstrata Stores are transactional, allowing the developer to run reliably Atomic bundles of persistant operations (Create, Read, Update, Delete) that will succeed or fail together.
Upon creation, apstrata accounts are configured with a store named "DefaultStore". An account owner can delete this store and create others if needed.
As described above, ACL settings on each store specify who can invoke each of the SaveDocument, DeleteDocument, GetFile, and Query services in general. For more specific details about Store configuration parameters, please check the SaveConfiguration API.