Tags: .net, security, authorization, domain-driven-design, n-tier-architecture

Authorization in multi layered architecture.


For an application that is split in multiple logical layers how does one go about authorization?

What are the available options? Are there some existing frameworks out there? Where should these checks be performed in the Service layer?


Solution

  • Security is a cross-cutting concern (like logging, validation, caching and so on) and because of this you don't code it in the domain model. The application layer should allow only an authorized call to reach the domain layer.

    Usually, security at the gate is the preferred approach. This means that you apply security as high up as you can in the call stack (even starting from hiding some buttons in the UI).

    As for "frameworks", DDD doesn't say anything about that. Google around and use the one that most inspires you, bearing in mind the security-at-the-gate aspects.
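The "security at the gate" layout described in the answer, as an added C# sketch (not the answerer's code and not tied to any particular framework). The domain object (`Invoice`) carries only business rules; the application service (`InvoiceAppService`) is the gate that checks the caller's permission before any domain method runs. All type and permission names (`Principal`, `IInvoiceRepository`, `"Invoice.Approve"`) are assumed for the illustration.

```csharp
using System;
using System.Collections.Generic;

// Hypothetical caller identity: a name plus the permissions granted to it.
// In a real system this would come from your authentication framework.
public sealed class Principal
{
    private readonly HashSet<string> _permissions;
    public string Name { get; }

    public Principal(string name, IEnumerable<string> permissions)
    {
        Name = name;
        _permissions = new HashSet<string>(permissions, StringComparer.Ordinal);
    }

    public bool HasPermission(string permission) => _permissions.Contains(permission);
}

// Domain layer: no security code here, only business invariants.
public sealed class Invoice
{
    public Guid Id { get; } = Guid.NewGuid();
    public bool Approved { get; private set; }

    public void Approve()
    {
        if (Approved) throw new InvalidOperationException("Invoice already approved.");
        Approved = true;
    }
}

public interface IInvoiceRepository
{
    Invoice Get(Guid id);
    void Save(Invoice invoice);
}

// Minimal in-memory repository so the sample runs stand-alone.
public sealed class InMemoryInvoiceRepository : IInvoiceRepository
{
    private readonly Dictionary<Guid, Invoice> _store = new Dictionary<Guid, Invoice>();
    public Invoice Get(Guid id) => _store[id];
    public void Save(Invoice invoice) => _store[invoice.Id] = invoice;
}

// Application layer: the gate. Every use case authorizes the caller first,
// so an unauthorized request never reaches the domain model.
public sealed class InvoiceAppService
{
    private readonly IInvoiceRepository _repo;
    private readonly Func<Principal> _currentPrincipal;

    public InvoiceAppService(IInvoiceRepository repo, Func<Principal> currentPrincipal)
    {
        _repo = repo;
        _currentPrincipal = currentPrincipal;
    }

    public void ApproveInvoice(Guid invoiceId)
    {
        Authorize("Invoice.Approve");      // gate check before any domain call
        var invoice = _repo.Get(invoiceId);
        invoice.Approve();                 // pure business rule, unaware of security
        _repo.Save(invoice);
    }

    private void Authorize(string permission)
    {
        var principal = _currentPrincipal();
        if (principal is null || !principal.HasPermission(permission))
            throw new UnauthorizedAccessException(
                $"'{principal?.Name ?? "anonymous"}' lacks permission '{permission}'.");
    }
}

public static class Program
{
    public static void Main()
    {
        var repo = new InMemoryInvoiceRepository();
        var invoice = new Invoice();
        repo.Save(invoice);

        // Constructed sample principals: one with the permission, one without.
        var approver = new Principal("alice", new[] { "Invoice.Approve" });
        var clerk = new Principal("bob", Array.Empty<string>());

        new InvoiceAppService(repo, () => approver).ApproveInvoice(invoice.Id);
        Console.WriteLine($"Approved by alice: {repo.Get(invoice.Id).Approved}");

        try
        {
            new InvoiceAppService(repo, () => clerk).ApproveInvoice(invoice.Id);
        }
        catch (UnauthorizedAccessException ex)
        {
            Console.WriteLine($"Rejected at the gate: {ex.Message}");
        }
    }
}
```

The point of the layout is that `Invoice.Approve()` can be unit-tested and reasoned about without any notion of users or roles, while the permission check lives in one place per use case and can later be swapped for whatever framework you pick (attributes, a decorator around the service, or a policy object) without touching the domain.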