According to one aspect of the invention, a hierarchy of security domains and a method for granting a user access to the security domains are provided. The hierarchy of security domains includes multiple security levels and relationships between particular security domains. When a user is authenticated and/or authorized for access to a first security domain, the user is tagged as having been granted access to that security domain. If the user attempts to access a related security domain with a lower security level, the user is granted access without having to be re-authenticated and/or re-authorized. If the user attempts to access a related security domain with a higher security level, the user must be re-authenticated and/or re-authorized be access is granted to the security domain with the higher security level.