This work identifies a fundamental threat posed by quantum entanglement to classical access control: leveraging violations of the Mermin inequality—which certify multipartite quantum nonlocality—it formally proves for the first time that entangled states can circumvent conventional subject-object–based authorization logic, leading to privilege escalation and policy violation. To address this, we propose three novel quantum access control models: (i) a dynamic authorization model based on quantum state projection; (ii) a distributed policy model satisfying multipartite Bell constraints; and (iii) a verifiable execution model integrating quantum key distribution. Under rigorously defined security properties—including confidentiality, integrity, and the principle of least privilege—we formally verify that all three models remain resilient against entanglement-driven attacks. Our results establish both a theoretical foundation and a practically realizable framework for building quantum-resistant, trustworthy quantum computing infrastructures.

Access control is a cornerstone of computer security that prevents unauthorised access to resources. In this paper, we study access control in quantum computer systems. We present the first explicit scenario of a security breach when a classically secure access control system is straightforwardly adapted to the quantum setting. The breach is ultimately due to that quantum mechanics allows the phenomenon of entanglement and violates Mermin inequality, a multi-party variant of the celebrated Bell inequality. This reveals a threat from quantum entanglement to access control if existing computer systems integrate with quantum computing. To protect against such threat, we propose several new models of quantum access control, and rigorously analyse their security, flexibility and efficiency.