This document proposes a Cross Tenant Access Control model for cloud computing. It specifies a cloud resource mediation service that acts as a trusted third party to facilitate secure resource sharing between tenants. Formal specifications and verification are provided for permission activation and delegation algorithms that govern resource access between tenants. The model addresses limitations of traditional access control for cross-tenant resource sharing in cloud environments.