There is a plethora of different security standards proposed by a range of standards consortia, including the IETF, W3C, and OASIS. There are also sometimes multiple configuration settings for a given security specification. In a heterogeneous open service environment, the variety of security standards and possible settings used can hinder security interoperability, because a common security configuration may not be able to be agreed upon in advance. In this paper, we have developed a generic security model expressed in an XML extension (DAML) and have investigated how to ground this in order to reuse the security specifications from various standards consortia. We have applied this model to support security discovery and dynamic security reconfiguration for use within open service infrastructures.