Toward a Formal Characterization of Policy Specification and Analysis


Authors

Arosha Bandara, Seraphin Calo, Jorge Lobo, Emil Lupu, Alessandra Russo, Morris Sloman

Abstract

Policy-based management of the security of a military communications network can simplify the configuration process, while increasing security and availability. An effective policy-based approach requires analysis of policies for inconsistencies, and for desired security properties. It also must provide for the refinement of high-level security goals into concrete policies. This paper defines a language based on first-order logic formulae containing explicit time arguments which is expressive enough for specifying a range of authorization and obligation security policies, while supporting the formalisms and automated tools needed for analysis and refinement. Both system behavior and the semantics of the policies themselves are defined in terms of execution traces, to enable reasoning about algorithmic solutions to policy analysis. The paper also proposes some analysis tools based on the use of logical abduction.



Publication Date

September, 2007

Venue

Annual Conference of ITA, 2007

Published To

None

Paper Significance

This paper has been highlighted as an excellent example of a US/UK collaborative paper
This is a highlighted paper of scientific significance

Publication Type

ITA Conference paper

ITA Area

Project 4, Technical area 2

Download a copy of the paper here

ITAConfPaper-LoboRussoBandaraEtAl-PolicyAnalysis-Final.pdf
