When domains employing heterogeneous RBAC policies collaborate by crossdomain role-role mappings, their local Separation of Duty constraints face the risk of breaching. We present the requirements for constraint-secure interoperation, to prohibit implicit authorizations that break constraints from other member domains, and propose a trust-based framework to ensure constraint-secure interoperation. The framework introduces cross-domain migration and remote assurance of constraints between mutually trusted domains to maximize interoperability, while ensuring separation of constraints between distrusted domains to minimize security risk. Specifically, we use a bitmap-based history-recording mechanism for member domains to analyze the interplay among innerdomain role hierarchies, crossdomain mappings and constraints. Algorithms of a fully distributed implementation, security proofs and illustrative usage cases for the proposed solution are provided.