Cross-domain information exchange is a growing problem, as business and governmental organizations increasingly need to integrate their information systems with those of partially trusted partners. Current identity management and access control technologies operate only within a specific domain and are unable to scale to the asymmetric, heterogeneously administered, and highly restrictive security policies of cross-domain environments. We approach the problem as one of adjustable autonomy, in which the human administrator needs to encode policy intent in a way that allows routine decisions about policy interactions to be safely delegated to the machine. In this paper, we present work toward such a system, combining a lattice representation of access control decisions and client attributes with search through a space of cross-domain mapping relations. This combination enables a policy resolution algorithm that resolves routine policy interactions while flagging potential conflicts for ...