A fine-grained controllable delegation authorization model (FCDAM) suitable for open environments is presented. It integrates the merits of both RBAC (role based access control) and role-based trust management and can effectively control the propagation of permissions of different sensitivity levels in roles. An approach for assigning trustworthiness thresholds to permissions in local access control policy is discussed. The RT₀ framework is extended to support trustworthiness and the algorithm of calculating the values of trustworthiness of entities in the extended framework is proposed. The usage of the FCDAM model is illustrated through a typical example.