Fine-Grained Authorization (FGA), also called Relationship-Based Access Control (ReBAC). Based on Google's Zanzibar paper. Authorization data is stored as tuples (subject, relation, object) — e.g. 'user A editor project X' — which form a graph whose nodes are entities and whose edges are relations. Permissions are then expressed as rules over this graph: checking a permission is equivalent to asking whether a path exists from the user to the resource under the given rules. Enables schema-level dependency analysis, id-only traversal (no intermediate object loading), result caching with dependency-aware invalidation, audit paths explaining why access was granted, and reverse lookups (list users with permission X on resource Y).