We present and study a Modal Access Control Logic (M-ACL) to specify and reason about access control policies. We identify canonical properties of well-known access control axioms. We provide a Hilbert-style proof-system and we prove soundness, completeness and decidability of the logic. We present a sound and complete embedding of Modal Access Control Logic into First-Order Logic. We show how to use SPASS theorem prover to reason about access control policies expressed as formulas of Modal Access Control Logic, and we compare our logic with existing ones.