Network isolation system integrates various technologies to achieve its high-security performance and access control is an indispensable one among them. In order to control and manage accesses to all the services provided by network isolation system, we need to establish an efficient access control model and make a set of fine-grained rules for the model. In this paper, we analyze service access control requirements in network isolation system firstly. And, according to the special running environment, we propose a hybrid service access control model based on RBAC (Role- based Access Control) and PBAC (Police-based Access Control). Then, we research rules making and realization method of the proposed model. In the end, we realize the hybrid model and its configuration.