In this video Henning Koch from makandra introduces four design guidelines that help implementing the most complex authorization requirements in a clean and concise fashion. Code examples are in Ruby on Rails, but the principles can be applied to other technologies as well.