FunctionalAccess breaks the system down into a set of functions. For instance on a wiki those could be reading, editing, searching, access to the site logs, etc. Each member of the community has a different access level (usually "ALLOWED" or "DISALLOWED") for each function. These can be twiddled on or off as necessary for the person's intended role in the system.
Most FunctionalAccess systems work best when all citizens have a basic set of abilities they all share. Most of the additional abilities should be maintenance roles (and thus unfun) which are given to people along the lines of PeerPrivilege. The remaining set of privileges are administration roles, the ones with real power like the ability to kick a user out. Those should be given away with great care for they are easily abused. Especially if access becomes a competition as this system can certainly encourage. In this manner FunctionalAccess can become a form of ClassStriation.
The most common instance of FunctionalAccess in OnlineCommunities is a binary separation of programmers from non-programmers (often with a single GodKing as programmer). In MUDs the programmers are the wizards. FunctionalAccess becomes AccessLevels.
FunctionalAccess is most flexibly implemented as AccessControlList?s such as favored by many for controlling access to file systems (see OperatingSystemSecurityForCommunitySecurity).
[HardSecurity] CapabilitySystem