Access　control,　what　is　a　core　technology　in　information　security,　has　been　widely　used　cloud　web.　It　is　used　to　distribute　objects’　resources　to　subjects　according　to　some　principles.　But　until　now,　most　traditional　access　control　models　are　focused　on　the　distributional　principles;　the　security　of　systems　is　always　ignored.　Protecting　data　and　resources　in　computers　from　threats　and　attacks　is　also　an　important　aspect　in　access　control,　especially　in　cloud　web　where　there　are　a　great　deal　of　threats　and　attacks.　In　this　paper,　we　introduce　the　present　situation　and　related　work　of　access　control.　Then　we　analyze　the　security　problems　in　computer　systems　with　traditional　access　control　model,　and　get　the　prisoner’s　dilemma　in　it　through　Nash　equilibrium.　To　solve　this　dilemma,　we　applied　repeated-game　theory　to　access　control　and　build　a　new　model　RTAC.　The　ultimate　goal　of　RTAC　is　to　encourage　subjects’　honest　accesses　and　discourage　subjects’　malicious　accesses　through　Nash　equilibrium.　At　last,　we　perform　some　experiments　and　show　the　advantages　of　RTAC　over　the　traditional　access　control　model.　©　2015　SERSC.