Due to the growing use of the internet, more and more critical processes are running over the web such as e-commerce. Internet allows commerce and business between parties who are physically distant and do not know each other doing the transaction. For the effective operation of the web application and e-commerce applications, security is a key issue. Various aspects of security are relevant to e-commerce such as database security. The availability of e-commerce, user transactions are no longer bound to traditional office-centered environment, but it can be started virtually anywhere at any time. It was moving from closed environment to open environment. In this paper, we clearly define the privacy-aware access control requirements. We also investigated few existing access control in the context of this requirements. We build an assessment criteria in our comparison based on the requirements defined which we finally used it later as a guidelines to design an access control for e-commerce application.