In the virtual computing environment, the securing co-operation is based on the trust between the strangers, automated trust negotiation provides a mean to establish trust between strangers in distributed situation. However, the current negotiation takes it for granted that the access control policy of negotiation is correct, which will probably cause many problems to lead negotiation to fail. This paper emphasizes on analyzing the characters of negotiation policy. Firstly, aiming at the inconsistency problems such as inconsistent policy and trivial policy, this paper establishes a logic proving method based on label binary tree in order to test policy consistency, so as to prove the soundness and completeness of this method; Secondly, this paper gains the minimal credential set by predigesting the policy tree, then successful negotiation is achieved through one-off discovering the minimal credential set, which will avoid the policy circle and improve the efficiency and the probability of negotiation.

• 出版日期2012
• 单位同济大学