Abstract: In order to ensure system security and reflect flexibility in delegations, a fine-grained constrained delegation model was proposed by introducing the transferable capability which was independent of the role concept and could transfer all or part of delegators’ permissions. The model can support the fine-grained, constrained and multi-step delegations. Two methods of construction and reduction were adopted to verify the consistency of delegation constraints. Theoretical analyses and delegation examples showed that the model is secure and flexible