Distributed access control architecture and model for supporting collaboration and concurrency in dynamic virtual enterprises

Virtual enterprises (VEs) provide a novel solution to potentially enhance global competitiveness via collaboration on product design, production, assembly and marketing. Efficient and secure information resource sharing is one of the key factors to a successful VE. This study presents the architecture of a virtual enterprise access control (VEAC) system with a VEAC model to handle access control for information sharing across enterprises, thus enabling VEs to change dynamically. To improve current access control models to be adapted to VEs, the requirements for the access control system and model are first specified by the results of analysis on the characteristics of dynamic VEs. According to the requirements, this study designs the architecture of VEAC system and presents a VEAC model based on the concept of role-based access control (RBAC). The VEAC model, modelled in unified modeling Language (UML), is composed of a project-based access control (PBAC) model and RBAC models to manage resources related to VE activities and to solve problems in distributed authorization management and security access control across organizations that may both compete and cooperate with each other. Moreover, algorithms to generate user authorization are developed based on the model. Finally, the prototype of the VEAC system is implemented. The results of this study can provide VE workers with efficient and easy access to relevant resources with up-to-date information, thus averting information delay and increase information transparency.