Proposed access control model is based on the ABAC technology with an addition of the special thematic attribute that describes multirubrices assigned to users and documents. Thematic - attributive access control rules in the semantics of the XACML language are presented. These rules ensure formally proved security by criteria of no acquaintance with forbidden information. Technological aspects of the thematic - attributive access control implementation are considered. It is noted that its mechanisms can be used to create adequately and minutely adjusted secure information systems that take into account technical - organizational and thematic - informational enterprise features with no functional limitations, specifically for search capabilities.