Entity authentication for pre-authenticated links
US-2024396898-A1 · Nov 28, 2024 · US
US10645090B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-10645090-B2 |
| Application number | US-201815892436-A |
| Country | US |
| Kind code | B2 |
| Filing date | Feb 9, 2018 |
| Priority date | Oct 8, 2014 |
| Publication date | May 5, 2020 |
| Grant date | May 5, 2020 |
Official abstract text for this publication.
An aspect of the present disclosure facilitates controlling access to objects having attributes defined against hierarchically organized domains, with each domain containing a corresponding fixed number of values. In one embodiment, in response to receiving data indicating specific hierarchies of the hierarchically organized domains, the corresponding fixed number of values of the corresponding domains in each hierarchy is displayed. Accordingly, a user is enabled to select a desired set of values from the corresponding fixed number of values of the corresponding domains, and to specify a security rule for a combination of the selected set of values and a user entity. The security rule is thereafter enforced when objects having attributes matching the selected set of values are accessed by the user entity.
Opening claim text (preview).
What is claimed is:

1. A computing system comprising: a relational database server to store a plurality of objects representing digital entities of interest on a non-volatile storage, each object having corresponding attributes, wherein each object of said plurality of objects is represented in a corresponding set of tables in said relational database server, wherein the attributes of each object are represented as respective columns of the corresponding set of tables, wherein instances of each object are stored as respective rows of the corresponding set of tables, with the value of the attributes of the object being stored in the respective column of the row, wherein said relational database server allows access to said plurality of objects using SQL (structured query language) queries, wherein each attribute is stored with a corresponding attribute value in the respective column in said relational database server, wherein the attribute value is one of a plurality of values organized as hierarchically organized domains, with the set value of each attribute expressing the corresponding characteristic of the corresponding entity; an administrator system comprising a memory and a processor, said memory to store instructions and said processor to execute said instructions stored in said memory to cause said administrator system to perform the operations of: receive data indicating said plurality of hierarchies of hierarchically organized domains; display on a display unit at a first time instance, the values of the corresponding domains in each hierarchy of said plurality of hierarchies along with a plurality of user entities; enable an administrator to specify a first combination comprising a user entity from said plurality of user entities, a first value from a first plurality of values of a first hierarchy and a second value from a second plurality of values of a second hierarchy, said first hierarchy and said second hierarchy being contained in said plurality of hierarchies; and enable said administrator to specify a first security rule permitting or denying access for said first combination of said user entity, said first value and said second value; and a server system operable to: receive a user request requesting access to objects stored in said relational database server from said user entity; determine that a first object stored in said relational database server is required for processing said user request; check whether said first object has stored in said relational database server a first attribute value and a second attribute value respectively matching said first value and said second value specified in said first security rule; and enforce said first security rule to permit or deny access to said first object as specified in said first security rule in further processing of said user request if said match is present and not enforce said first security rule otherwise, as a response to said administrator having specified said first security rule for said first combination.

2. The computing system of claim 1, wherein access to said first object is performed using a first SQL query, wherein to perform said determine, said check and said enforce, said server system appends a condition to a WHERE clause of said first SQL query, said condition designed to check whether the values stored in said first attribute and said second attribute of said first object respectively matches said first value and said second value.

3. The computing system of claim 2, wherein said server system is a financial application server executing a financial application, wherein said plurality of objects are application objects defined by said financial application and stored in said relational database server.

4. The computing system of claim 1, wherein said server system is further operable to: receive a second user request requesting access to objects stored in said relational database server from said user entity; determine that a second object stored in said relational database server is required for processing said second user request; check whether said second object has stored in said relational database server a third attribute value and a fourth attribute value respectively matching said first value and said second value specified in said first security rule; and enforce said first security rule to permit or deny access to said second object as specified in said first security rule in further processing of said second user request if said match is present and not enforce said first security rule otherwise, as a response to said administrator having specified said first security rule for said first combination.

5. The computing system of claim 4, wherein each domain of said hierarchically organized domains contains a corresponding fixed number of values.

6. A method of controlling access to objects from an administrator system, said method comprising: receiving data indicating a plurality of hierarchies from a relational database server, wherein said relational database server stores a plurality of objects representing digital entities of interest on a non-volatile storage, each object having corresponding attributes, wherein each object of said plurality of objects is represented in a corresponding set of tables in said relational database server, wherein the attributes of each object are represented as respective columns of the corresponding set of tables, wherein instances of each object are stored as respective rows of the corresponding set of tables, with the value of the attributes of the object being stored in the respective column of the row, wherein said relational database server allows access to said plurality of objects using SQL (structured query language) queries, wherein each attribute is stored with a corresponding attribute value in the respective column in said relational database server, wherein the attribute value is one of a plurality of values organized as hierarchically organized domains, with the set value of each attribute expressing the corresponding characteristic of the corresponding entity, said plurality of hierarchies being contained in said hierarchically organized domains; displaying on a display unit at a first time instance, the values of the corresponding domains in each hierarchy of said plurality of hierarchies along with a plurality of user entities; enabling an administrator to specify a first combination comprising a user entity from said plurality of user entities, a first value from a first plurality of values of a first hierarchy and a second value from a second plurality of values of a second hierarchy, said first hierarchy and said second hierarchy being contained in said plurality of hierarchies; enabling said administrator to specify a first security rule permitting or denying access for said first combination of said user entity, said first value and said second value, wherein a server system, in response to said administrator having specified said first security rule, upon receipt of a user request requesting access to objects stored in said relational database server from said user entity, is operable to perform the actions of: determining that a first object stored in said relational database server is required for processing said user request; checking whether said first object has stored in said relational database server a first attribute value and a second attribute value respectively matching said first value and said second value specified in said first security rule; and enforcing said first security rule to permit or deny access to said first object as specified in said first security rule in further processing of said user request if said match is present and not enforce said first security rule otherwise,
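The enforcement step that claim 2 describes (the server appends a condition to the WHERE clause of the user's SQL query so that only objects whose attribute values match a security rule are permitted or denied) is illustrated below with an added example. This is not code from the patent or its assignee: the table `ledger_entry`, the domains `region` and `line_of_business`, the users, and the rules in `RULES` are all constructed here. Instead of text-editing the original query's WHERE clause, the example wraps the original query as a derived table and applies the rule condition to it, which has the same effect and keeps the user's query untouched. The rule values are passed as bind parameters and attribute names are checked against the fixed domain definitions before they are interpolated, so the rewrite cannot itself become an injection point. When a user has no rule at all, the example applies no restriction, matching the claim's "not enforce said first security rule otherwise" wording; a default-deny for rule-less users is a design choice a deployment would layer on top.

```python
import sqlite3

# Constructed hierarchically organised domains: each attribute column holds
# exactly one value from a fixed set (claim 5's "fixed number of values").
DOMAINS = {
    "region": ("EMEA", "APAC", "AMER"),
    "line_of_business": ("Retail", "Corporate"),
}

# Constructed security rules: (user_entity, {attribute: value, ...}, effect).
# Each rule is a combination of a user entity and one value from each of two
# hierarchies, as in claim 1's "first combination".
RULES = [
    ("alice", {"region": "EMEA", "line_of_business": "Retail"}, "permit"),
    ("alice", {"region": "APAC", "line_of_business": "Retail"}, "permit"),
    ("bob",   {"region": "AMER", "line_of_business": "Corporate"}, "deny"),
]

# Constructed sample objects: one row per object instance, attributes as columns.
SAMPLE_ROWS = [
    (1, "EMEA", "Retail", 100),
    (2, "APAC", "Retail", 200),
    (3, "AMER", "Retail", 300),
    (4, "AMER", "Corporate", 400),
    (5, "EMEA", "Corporate", 500),
]


def open_db():
    """In-memory SQLite database holding the constructed sample objects."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE ledger_entry ("
        "id INTEGER PRIMARY KEY, region TEXT, line_of_business TEXT, amount INTEGER)"
    )
    conn.executemany("INSERT INTO ledger_entry VALUES (?, ?, ?, ?)", SAMPLE_ROWS)
    return conn


def validate_rule(attrs):
    """Reject attribute names and values that are not part of a defined domain.

    Column names cannot be bound as parameters, so this check is what keeps
    the interpolated identifiers below restricted to known columns.
    """
    for attr, value in attrs.items():
        if attr not in DOMAINS:
            raise ValueError(f"unknown attribute {attr!r}")
        if value not in DOMAINS[attr]:
            raise ValueError(f"{value!r} is not a value of domain {attr!r}")


def build_condition(user, rules):
    """Return (sql_condition, params) enforcing every rule for `user`.

    Permit rules are OR-ed together: if any exist, a row is visible only
    when it matches one of them. Deny rules are then subtracted. A user
    with no rules gets the always-true condition, i.e. no enforcement.
    """
    permits, denies = [], []
    for rule_user, attrs, effect in rules:
        if rule_user != user:
            continue
        validate_rule(attrs)
        cols = sorted(attrs)
        clause = "(" + " AND ".join(f"{c} = ?" for c in cols) + ")"
        params = [attrs[c] for c in cols]
        (permits if effect == "permit" else denies).append((clause, params))

    parts, params = [], []
    if permits:
        parts.append("(" + " OR ".join(c for c, _ in permits) + ")")
        for _, p in permits:
            params.extend(p)
    for clause, p in denies:
        parts.append("NOT " + clause)
        params.extend(p)
    if not parts:
        return "1=1", []
    return " AND ".join(parts), params


def secure_query(base_sql, base_params, user, rules):
    """Wrap the user's query and apply the rule condition to its rows.

    The base query must project the attribute columns (here: SELECT *).
    Base parameters come first because their placeholders appear first.
    """
    cond, cond_params = build_condition(user, rules)
    sql = f"SELECT * FROM ({base_sql}) AS q WHERE {cond}"
    return sql, list(base_params) + cond_params


def fetch_ids(conn, base_sql, base_params, user, rules=RULES):
    """Run the secured query and return the ids of the objects the user may see."""
    sql, params = secure_query(base_sql, base_params, user, rules)
    return [row[0] for row in conn.execute(sql, params)]


if __name__ == "__main__":
    db = open_db()
    for who in ("alice", "bob", "carol"):
        print(who, fetch_ids(db, "SELECT * FROM ledger_entry WHERE amount >= ?", [0], who))
```

Running the block prints the object ids each constructed user is allowed to reach: alice sees only the two Retail rows her permit rules name, bob sees everything except the AMER/Corporate row his deny rule names, and carol, who has no rule, sees all five.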
CPC classification titles:
- Inheriting rights or properties, e.g., propagation of permissions or restrictions within a hierarchy
- to a system of files or objects, e.g. local or distributed file system or database
- for managing network security; network security policies in general (filtering policies H04L63/0227)
- Tools and structures for managing or administering access control systems
- Grouping of entities