Abstract: An access control list is identified that, for a specified data item, defines, for each of a set of access levels, one or more entities that are collectively to authorize access to the data item according to a respective access level. The access control list is translated into a sequence of instructions implementing a smart contract. The smart contract is to transmit requests to entities for authorization to allow a specified requesting entity to access the specified data item. Based on responses to the transmitted requests, the smart contract is to generate a first token that enables access to the specified data item according to a first level of access or a second token that enables access to the specified data item according to a second level of access. The sequence of instructions is transmitted to one or more nodes of a distributed ledger network.