Access control system for collaborative environments tend to be rather comp
lex. This leads to difficulties in the presentation and manipulation of acc
ess policies at the user-interface level. This problem becomes even more im
portant due to the high dynamics of collaborative work settings. This paper
presents a user-centered approach, the central concept of which are access
statements. These statements are based on the results of a field study and
represent permissions or denials for arbitrary scopes, encompassing - amon
g other factors - users, documents, roles and time-intervals. We describe h
ow this approach has been implemented within a commercial groupware system
and the results of an evaluation using the thinking aloud method.