After much experimenting on the SharePoint 2010 server, following tips on the "Claims to Windows Tokens Service" and the settings of the SecurityTokenServiceApplication web service site, finally found that the 8306 error being frequently logged was due to Forms Authentication being enabled in the SecurityTokenServiceApplication web service site. Disabling Forms Authentication removed the issue on the Secure Store Service Application management page in Central Admin
To check this setting, open IIS Admin, browse in the left-hand pane to Sites > SharePoint Web Services > SecurityTokenService Application, and in the IIS section in the right-hand pane open the "Authentication" settings. Only "Anonymous Authentication" and "Windows Authentication" should be enabled.
The 8306 error in the event log was : "An exception occurred when trying to issue security tokens". Thanks to the threads at http://social.technet.microsoft.com/Forums/en-US/sharepoint2010setup/thread/49508c3a-e44b-4b3a-ad94-0e9957b9e025/ and http://social.technet.microsoft.com/Forums/en-US/sharepoint2010setup/thread/580a6e7a-e26e-47aa-a6d8-51563b7d27de/ for the final bit of assistance in tracing this one.