Due to computing grid's large scale, distributed anddynamic nature, the security issues around gridapplications are more pervasive than computer network ingeneral and thus call for more complicated solutions. Inorder to solve key problems such as security mechanismintegration in heterogeneous grid, identity authenticationand trust delegation, a cross-domain authentication andauthorization model based on role translation anddelegation is proposed. This model allows theestablishment of trust among heterogeneous domains viacertain protocols so that resource sharing across griddomains becomes possible. After a user logins to a localgrid domain, its role in the local domain is mapped to arole in resource domain by using RBAC based roletranslation. This removes the need for cross-domain userlogins while they are accessing resources across differentdomains, which results in much higher efficiency. The useof Security Assertion Markup Language (SAML) baseddelegation for transferring user privileges enablessubmitting operation by delegation assertion and thecross-domain federation is done automatically. This cangreatly reduce users' manual involvement.