This paper reports on an ongoing effort to document the security architecture for the Joint Simulation System (JSIMS), a joint military modeling and simulation system. It also describes the use of the security architecture to support the accreditation of the system. JSIMS is a distributed modeling and simulation system that will provide a joint training environment using a number of military simulation models. The training objective of JSIMS requires it to simultaneously manage information at multiple levels of classification, typically at multiple sites. The JSIMS security architecture must coordinate not only enclaves at different classifications, but also the independent operating environments and configurations of the multiple stakeholders. These include the military branches-both warfighting and intelligence organizations-and their separate designated approving authorities. It has therefore been necessary to develop the security architecture with sufficient breadth and flexibility to describe a variety of JSIMS instantiations, allowing an integrated accreditation by the multiple authorities, and so avoiding the confusion and expense of multiple independent accreditations. Consequently, it is important that all the stakeholders have had substantial involvement in the security architecture development. The JSIMS extended security team (including stakeholder representatives) has addressed the objective of flexibility by establishing a base, logical architecture; creating related architecture views and mapping them to the base architecture; and facilitating frequent review by developers, anticipated users, and accreditors. That approach has led to a result that has been effective in meeting system-wide security objectives, particularly keeping JSIMS on track toward an accreditable system.