Methods and apparatus, including computer systems and program products, that relate to a security policy user interface. The methods feature a machine-implemented method that includes presenting labels of multiple security policies, receiving input specifying a selected security policy, and securing a first document according to the selected security policy. In that method, each security policy specifies criteria that governs use of an electronic document and has an associated security mechanism. Moreover, security mechanisms of a number of the multiple security policies distinctly enforce security of a document, and presenting labels of multiple security policies includes presenting at least two labels of two respective security policies such that a detailed description of a respective, associated security mechanism is left out. The security policies can be declarative security policies. At least one of the labels can include an abstract of a corresponding security mechanism.