To effectively participate in modern coalitions, member organizations must be able to share specific data and functionality with coalition partners, while ensuring that their resources are safe from inappropriate access. This requires access control models, policies, and enforcement mechanisms for coalition resources. This paper describes a family of coalition-based access control (CBAC) models, developed to provide a range of expressivity with an accompanying range of implementation complexity. We define the protection state of a system, which provides the semantics of CBAC-based access policies. Finally, we briefly examine some of the issues for coalition access policy development and administration, and them complexity of implementing access enforcement mechanisms in a coalition environment.