We present our work-in-progress FROST, a core technology layer upon which shared ecosystems can build products and services around the sharing of access rights to data and resources. Such fine-grained access control, including the ability to delegate both access rights and the permission to specify and enforce access controls, are articulated via policies composed in our FROST language, which is implemented as a deep embedded DSL. We emphasise the extensible nature of the language: firstly, attributes capture the properties of information required to evaluate policies, notably those pertaining to the subjects, resources and contexts described. Then specific attributes required in use cases or application, e.g. payment aspects, may be "plugged in" to FROST, extending the syntax and semantics of the language. A feature of the language's extensibility lies in its expressiveness: by a functional completeness property over the 4-valued Belnap bi-lattice, any composition operation over policies can be expressed, offering considerable flexibility in combining policies – including the ability to manage policy gaps and inconsistencies. The FROST language also provides mechanisms for expressing policies with associated obligations, such as payment fulfilment for rendered and consumed access. Policies expressed in the FROST language can be compiled into Boolean circuits as a faithful lower-level representation, allowing further optimisation for deployment onto devices. Such circuits also serve as the building blocks for policy analyses whose insights can support both validation and verification. This work builds on past academic research around the PBel language done by Glenn Bruns (at Bell Labs at the time) and Michael Huth (Imperial College London).