Abstract
Nowadays applications are mostly service oriented and cross-boundary, entities involved in the access control process are usually unfamiliar, so traditional access control mechanism, which basically uses the identity of the involved entities to control authorization internal the organization, is no longer sufficient. Then, trust negotiation is brought out to construct trust between unfamiliar entities. Many issues come out together with this new technology, and attract attention of researchers. In this paper, a membership-based access control is proposed to facilitate authorization to external access by gathering target users into group. Policy assignment with group relationship; and negotiation route are defined to enhance trust negotiation. Then, the mechanism and related issues are discussed. As it shows, the membership-based access control can satisfy the three most concerned issues in trust negotiation.