关键词: 自动信任协商，访问控制策略，一致性，策略环

Abstract: In the virtual computing environment the securing co-operation is based on the trust between the strangers,automated trust negotia-lion provides a mean to establish strangers in distributed situation. However, the current negotialion takes it for granted that the access control policy of negotiation is correct, which will probably has many problems to lead negotiation to fail. This paper emphasized on analyzing the characters of negotiation policy. Firstly, aiming at the inconsistency problems such as inconsistent policy and trivial policy, this paper established a logic proving method based on label binary tree in order to test policy consistency, so as to prove the soundness and completeness of this method.Secondly, this paper gained the minimal credential set by predigesting the policy tree, then successful negotiation was achieved through oncoff discovering the minimal credential set, which will avoid the policy circle and improve the efficiency and the probability of negotiation.

Key words: Automated trust negotiation, Access control policy, Consistency, Policy circle