陳宗義
陳宗義
虛擬企業資源分享之存取控制研究
Research on Access Control for Resource Sharing in Virtual Enterprises
資源分享, 角色為基的存取控制, 存取控制, 授權, 虛擬企業
authorization, resource sharing, RBAC, access control, virtual enterprise
虛擬企業(Virtual Enterprise)是有效提昇企業競爭力策略之ㄧ,其工作者以協同合作的模式貢獻自己的核心能力,跨企業的分享彼此的企業流程及資源,以共同完成產品生命週期中所有的活動,例如設計、生產、組裝、行銷並提供具附加價值的服務給顧客。 虛擬企業的成功必須仰賴即時的資訊透通性及安全的資源分享。因此,本研究將涵蓋存取控制模型及信任評估的技術。本研究首先考慮虛擬企業生命週期中所有的活動,提出一個適合虛擬企業環境特性之資源管理與分享的存取控制模型;此模型包含一個專案存取控制(Project-based Access Control, PBAC)模型及角色為基之存取控制(Role-based Access Control, RBAC)模型,能管理虛擬企業共同的資源及分享成員之私有資源。這些資源在虛擬企業執行期間允許被合法的授權者建構、更新、分享和重複使用,資源可以是資料庫、可延伸標示語言文件、網路資訊、應用程式、網路服務元件及知識,其範圍涵蓋產品設計階段的工程資料、專業領域的技術及知識或其他與虛擬企業相關的資源。本模型利用專案關係(Project Relation)連接不同的虛擬企業、虛擬企業工作者間的合作模式(Cooperative Mode)及角色階層(Role Hierarchy)所組成的角色關係網路(Role Relation Net)來促使跨企業及虛擬企業界限的資源分享與使用。基於本研究所提出之存取控制模型,設計一個信任評估的方法,評估兩個虛擬企業或虛擬工作者間信任的強度,幫助資源分享的決策。 經由本研究可以有助於虛擬企業資源的管理及分享,促進資訊的重複利用率,進而使虛擬企業能以協同及同步的方式來運作,降低資源管理的成本,克服複雜商業環境中存取控制模型權限分派問題。
A virtual enterprise (VE) is a network of independent, geographically dispersed administrative business domains that collaborate by sharing business processes and resources across enterprises to provide a value-added service to customers. Successfully implementing a VE relies on information transparency and appropriate resource sharing among VE workers, and, hence, two important issues for information security and trust among coworkers are introduced. This dissertation covers access control models and a trust evaluation method. In considering the activities during a VE’s lifecycle, this study presents a Virtual Enterprise Access Control (VEAC) model that facilitates resource sharing and reuse. The VEAC model has a Project-based Access Control (PBAC) model that handles public resources held by VE, and an RBAC-based model that manages private resources owned by various VE members. These public and private resources, which are created, updated, shared and reused by authorized workers, can be databases, XML documents, web information and services, applications and knowledge within a VE, and encompass engineering data for product modeling, technology information for product implementation, domain skills and knowledge, and any external resources available to a VE. A trust evaluation method based on the VEAC model is also presented that improves resource security while safeguarding sensitive resources that support collaboration. The results of the study enhance the security of resource sharing and reuse during collaboration and cooperation within a VE, reduce the costs of resource management and eliminate the complexity of resource sharing across enterprises.
以企業資源規劃為基之彈性化電子商務系統架構設計
Design of a Flexible Architecture for ERP-based eCommerce System
電子商務, 企業資源規劃, 系統整合
Electronic Commerce, Enterprise Resource Planning, System Integration
近年來,由於全球化的競爭壓力及資訊科技的進步,使得電子商務成為業界提昇競爭力的重要策略之一。在多變的環境下,電子商務要能達到預期效果,必須仰賴電子化交易流程的彈性化,使能整合企業各部門之作業及掌握企業整體營運狀態。因此,電子商務系統須能與企業資源規劃系統整合,且具備彈性化架構以因應企業流程的變化。
本研究的目的在提出一個以企業資源規劃為基的彈性化電子商務系統架構,做為發展電子商務系統的基礎。建置在本架構下之電子商務系統,能透過與企業資源規劃系統的整合,善用企業資源規劃資源,使電子商務交易流程能與企業營運策略配合。
Owing to the global competition and the rapid advancement of information technology, electronic commerce becomes one of the most promising strategies to increase competitiveness. The success of eCommerce is highly dependent on the flexibility of business processes and the integrateability of business activities, as well as the reconfigurability of eCommerce systems to reflect the change of business environment. Therefore, the flexibility and the ability to integrate with Enterprise Resource Planning (ERP)Systems are required for an eCommerce system.
The objective of this research is to develop a flexible architecture for implementation of ERP-based eCommerce systems. The business activities supported by an eCommerce system which is developed based on the proposed architecture can be fully integrated with the internal business processes and thus cope with enterprise operation strategy through making good use of resources provided by integrated enterprise resource planning systems.