Skip to Main Content
Using roles for modeling organizations has become common in commercial policy based access control systems and widely accepted in policy based management research for the grouping of policies. In this paper we argue that the role abstraction is inflexible in the face of many forms of organizational change and thus only an appropriate abstraction for mostly static organizational structures. We describe a novel policy grouping abstraction based upon communities. We ground the community-based approach through an application to dynamic spectrum access.