| More and more information is generated and stored in Virtual Enterprise systems, and at the same time the system designer cannot assume that the system users are trustworthy, so that the security issues must be considered when a new Virtual Enterprise system is designed and developed. In MIDAS, a new backbone of Virtual Enterprise systems, the security is always concerned even in the design stage of the system. In this paper, we explain what security means to a Virtual Enterprise system, and introduce three basic components (authentication, access control and auditing) of an entire security subsystem. The access control component is discussed in detail. And different access control low-level mechanisms and high-level models are examined. According to the security requirements in the collaborative environment and the drawbacks of the classical access control models, we propose a new access control model: Layer-based Access Control (LBAC), and implement LBAC in MIDAS. |
