There is a plethora of security standards for protecting network services, specified by numerous standards consortia. These standards support different security requirements and use various syntaxes to represent the security information for different software infrastructures and applications. Open systems often require a more sophisticated security analysis and configuration to safeguard distributed services. A security framework constituting both semantic and meta-reasoning models is investigated in order to reason about the security requirements and security operation of interacting entities within open service environments. Security requirements are defined using security profiles that describe the interlinking of security policies to instances of services. Meta-reasoning refers to the reflection at a conceptual level at which the domain knowledge (ontology) is separated from the control knowledge (profiles): systems can manage and reconfigure themselves without affecting their underlying implementation. Such reasoning is particularly useful within open service infrastructures as it enables us to detect, analyse and resolve multiple-policy conflicts, to decide if a change in the environment necessitates a security reconfiguration, and to decide if a suitable level of security interoperability between heterogeneous systems is achievable. This paper describes a meta-reasoning model for semantic open service environments, an application and an evaluation of the framework and its performance.