Development of an access control model, system architecture and approaches for resource sharing in virtual enterprise

Secure information sharing is one of key factors for success of virtual enterprise (VE). The study identifies the characteristics of a VE and analyzes the requirements of a VE access control. A Virtual Enterprise Access Control (VEAC) model is proposed to handle resource management and sharing across each participating enterprise, which consists of a Project-based Access Control (PBAC) sub-model to manage public resources and a Role-based Access Control (RBAC) sub-model to manage private resources. The architecture of a VEAC model-based system is developed and consists of three core mechanisms including the Virtual Enterprise Access Control Center (VEACC), Security Gatekeeper (SG) and Global Certificate Authority Center (GCAC). Based on the system architecture, the study proposes certificate authentication, user authority and access control approaches to identify user's identity on-line, update and search user authority lists, and access private and public resources. The results of this study will facilitate more secure resource sharing, and overcome cooperation barrier from trust among participating enterprises in VE.