Advances in Access Control Policies

This chapter presents research results on how the current standards for access control policies can be extended. In particular, Section 18.1 illustrates how privacy issues can be effectively tackled by means of credential-based access control that includes anonymous credentials. Section 18.2 shows how the expressivity of policy languages can be exploited to introduce ontologies that model credential taxonomies and the relations among them, with particular emphasis on support for delegation mechanisms. Section 18.3 investigates the privacy issues that arise in access control systems enriched with a dialog framework that enables servers to publish their policies. Finally, Section 18.4 maps these proposals onto a set of possible extensions to the architecture of XACML, the current de facto standard among access control policy languages.