This document discusses self-defending data and ORCON (Originator Control), which allows data to persist access controls as it is shared. Self-defending data does not grant access unless requirements are met, is not affected if the computer or network are hacked, audits every access, and allows the originator to revoke access anytime. ORCON extends classic access controls and draws from models like DRM, MAC, RBAC, and ABAC to provide a flexible framework for persisting controls over data as it is shared within and between domains.