P.S. There has been some discussion to provide an out-of-the-box data model that would employ what the Ki team feels are best practices, specifically to kick-start many users who don't really want to think about the data model design of flexible security systems. If created, it would definitely be purely optional.
To build on Les' comment here, many users have expressed a desire for an out-of-the-box security solution that includes read/write support and an optional interface for managing it. This could be very useful for new projects that want to get security up and running quickly. This would be probably be provided as an optional module that would build on top of the core JSecurity module and add write support and a basic UI.
Check out this earlier thread and see if it sounds like what you are after:
http://markmail.org/thread/rlu6cjz3wghwuiht
