The Burton Group defines an entitlement as:
|An entitlement is the object in a system's security model that can be granted or associated to a user account to enable that account to perform (or in some cases prevent the performance of) some set of actions in that system. It was commonly accepted that this definition of entitlement referred to the highest-order grantable object in a system's security model, such as an Active Directory group membership or SAP role and not lower-order objects such as single-file permission setting.|
Definition by Ian Glazer, in Access Certification and Entitlement Management v1, September 9, 2009.
http://www.gartner.com/technology/research.jsp (login required)