[malandrew]

Unfortunately Amazon is the only cloud provider out there with a robust ACL system.

Is there an open industry standard for implementing ACL policies flexibly like the one Amazon has?

[garblegarble]

http://en.wikipedia.org/wiki/XACML would be one - it can be a little complicated, but if you can get over that it's quite nice and also adds the idea of an Obligation (something that must be performed on a grant/deny - for example, logging/e-mailing)