In previous work we successfully modularized the Java access control architecture. The approach consists in expressing access control using restriction aspects scoped with an appropriate scoping strategy. In this work we briefly explore how restriction aspects and scoping strategies make it possible to express novel and useful access control policies in a direct manner.