摘要： 适应多安全域环境的安全能力自动协商机制包括了一种基于Agent的安全能力协商模型、适用于该模型的协商Agent和协商流程。该机制中，通过定义安全能力协商描述语言(SanDL)文档，用户可以方便准确地将协商要求和协商策略告知协商Agent，由协商Agent自动完成协商过程。在协商Agent中通过定义通信适配器和一套基本协商原语，使协商Agent的通信接口更加安全、灵活、易于扩展。

关键词: 安全能力协商, 代理, 多安全域

Abstract: An agent-based automatic security capability negotiation mechanism is proposed. This mechanism includes an agent-based security capability negotiation model, a kind of negotiation agent and negotiation process. Security requirement and negotiation policy can be described in the form of a security capability negotiation description language (SanDL) document. The negotiation agent accomplishes the negotiation automatically according to the SanDL document. The definition of a communication adaptor and a set of basic negotiation primitive makes the communication interface of negotiation agent more secure, flexible and extensible.

Key words: Security capability negotiation, Agent, Multi-security domain

中图分类号: 

• TN915.5