A security system uses rules to restrict access to objects of a database. These security rules are dynamic because they can adjust when the number of objects in the database is changing. In other words, the security rules can permit access to new objects when new objects are added to, modified, or deleted from the database. With this system, objects can be added to a container by a security administrator or they can be added based upon the triggering or activation of one or more rules. With this system, access to objects in a database is usually determined after each request for access instead of relying on a static permanent list.