As network speed and storage capacities are rising faster and higher, the remote storage and ‘cloud’ concept is gaining momentum and is becoming increasingly popular with personal users as well as business users. At the same time, privacy awareness and business confidentially are important factors in every cloud and data sharing decision. For these and other reasons, the concept of access control models was developed in order to present complete solutions for privacy and confidentiality control in modern systems. Various access controls methodologies have been suggested in the literature, each simplifying and providing flexibility to previous methods. In this paper we will focus on two main methods which are Role Based Access Control (RBAC) and Attribute Based Access Control (ABAC). We will discuss the benefits and drawbacks of each of them, and therefore the need for a novel approach that combines the benefits of these two techniques. We are proposing a different hybrid model and justify how our suggested model and present why we think our suggested model (Policy RC-ABAC) will be more beneficiary in relation to a specific set of needs focusing on flexibility and auditability.