The authorization management model is defined based on joint trust-risk evaluation, proof of compliance and separation of duty are analyzed. The proposed model depicts not only trust relationship between principals, but also security problem of authorization. 基于信任-风险联合评估机制定义了授权管理模型,并分析了授权管理中的一致性证明问题和职责分离问题。