Look at group profiles?
No, as far as I know an object can only be secured by one authorisation list.
Since users can be on more than one *AUTL, there is no reason to have an object secured by more than one *AUTL.
The only reason to have an object on two *AUTLs would be if authorities for another object would be contradicted if the two objects were on the same list. In such a case, put one of the objects on one list, and put the other object on a different list. Set user authorities on the two lists with whatever differences are needed. That eliminates the need to have either object on two lists.
If the number of users is extensive, then they should be combined into groups. The groups could be indicated by the sets of users with the same authorities.