A Formal Virtual Enterprise Access Control Model

A virtual enterprise (VE) refers to a cooperative alliance of legally independent enterprises, institutions, or single persons that collaborate with each other by sharing business processes and resources across enterprises in order to raise enterprise competitiveness and reduce production costs. Successful VEs require complete information transparency and suitable resource sharing among coworkers across enterprises. Hence, this investigation proposes a formal flexible integration solution, named the formal VE access control (VEAC) model, based on the role-based AC model, to integrate and share distributed resources owned by VE members. The formal VEAC model comprises a fundamental VEAC model, a project AC policy (PACP) language model, and a model construction methodology. The fundamental VEAC model manages VE resources and the resources of participating enterprises, in which various project relationships are presented to facilitate different degrees of resource sharing across projects and enterprise boundaries, and cooperative modes among VE roles are presented to enable collaboration among coworkers in a VE. This PACP language model features object-subject-action-condition AC policies that jointly determine user access authorizations. In addition, the methodology supplies a systematic method to identify fundamental elements of the VEAC model and to establish assignments between elements and relations.     

虚拟环境下的访问控制模型

安全方便地获取共享信息资源是虚拟企业成功的关键因素。该文分析了一个虚拟企业访问控制的基本要求,提出一个虚拟企业访问控制模型,该模型由管理公共资源的基于项目的访问控制和管理私有资源的基于角色的访问控制这2个子模型构成。给出了该模型的组成和系统结构,实现了虚拟企业之间的资源管理和共享。     

A fuzzy trust evaluation method for knowledge sharing in virtual enterprises

The success of virtual enterprises (VEs) depends on the effective sharing of related resources between various enterprises or workers who perform related activities. Specifically, VE success hinges on the integration and sharing of information and knowledge. Trust is an important facilitator of knowledge sharing. However, the trustworthiness of a peer is a vague concept that is dynamic and that often shifts over time or with environmental changes. This study designs a trust-based knowledge-sharing model based on characteristics of VEs and the knowledge structure model to express knowledge associated with VE activities. Subsequently, the factors that affect the trust evaluation are identified based on the characteristics of trust and VEs. Finally, this study develops a knowledge sharing, decision-making framework in which a fuzzy trust evaluation method for sharing knowledge is proposed based on VE activities and the interactions among workers in allied enterprises. The method consists of three sub-methods, including an activity correlation evaluation method, a current trust evaluation method, and an integral trust evaluation method. Under the premises of secure VE knowledge and reasonable access authorization, the proposed knowledge-sharing method provides the trust level between a knowledge-requesting enterprise and a knowledge-supplying enterprise to improve the willingness of the latter to share more valuable knowledge, ultimately increasing the efficiency and competitiveness of VEs.     

A fuzzy trust evaluation method for knowledge sharing in virtual enterprises

The success of virtual enterprises (VEs) depends on the effective sharing of related resources between various enterprises or workers who perform related activities. Specifically, VE success hinges on the integration and sharing of information and knowledge. Trust is an important facilitator of knowledge sharing. However, the trustworthiness of a peer is a vague concept that is dynamic and that often shifts over time or with environmental changes. This study designs a trust-based knowledge-sharing model based on characteristics of VEs and the knowledge structure model to express knowledge associated with VE activities. Subsequently, the factors that affect the trust evaluation are identified based on the characteristics of trust and VEs. Finally, this study develops a knowledge sharing, decision-making framework in which a fuzzy trust evaluation method for sharing knowledge is proposed based on VE activities and the interactions among workers in allied enterprises. The method consists of three sub-methods, including an activity correlation evaluation method, a current trust evaluation method, and an integral trust evaluation method. Under the premises of secure VE knowledge and reasonable access authorization, the proposed knowledge-sharing method provides the trust level between a knowledge-requesting enterprise and a knowledge-supplying enterprise to improve the willingness of the latter to share more valuable knowledge, ultimately increasing the efficiency and competitiveness of VEs.     

航空制造业虚拟企业协作平台设计研究

航空制造业虚拟企业的生产计划和控制有赖于联盟企业的信息协作。虚拟企业协作平台使航空制造业生产网络内部不同企业主体之间的知识与技术的传递与转移机制与路径得以实现。本文设计的CSSCM平台提供的企业服务和项目服务,主要功能有保障全局信息与共享信息的传递与转移,内部信息的控制和维护,同时其协同管理的功能能将分布式协同项目管理与协作支持技术进行有机的结合,有力地保障航空制造业虚拟企业间信息的处理与传递。     

Advanced multi-phase trust evaluation model for collaboration between coworkers in dynamic virtual project teams

With the globalization of commercial practices and advances in information and communication technologies, increasing numbers of enterprises and workers are establishing cross-functional, geographically distributed virtual project teams (VPTs) to maximize competitive advantage from limited labor and resources. One of the major challenges for workers in VPT is developing trust. Trust is a particularly crucial issue for VPT success because numerous project tasks are interdependent, making team members reliant on the functional expertise of their partners. The challenge to develop trust is particularly complex because trust should consider various factors into different assessments made during different phases of a VPT. This study first introduces a previously proposed trust evaluation model for evaluating trust over the lifecycle of VPTs. The original method, which comprises a method for evaluating trust between two VPT workers and a method for evaluating worker reliability, in which direct, indirect and negative trust relationships are considered in calculating trust between workers. This study aims to improve this method and then design an advanced multi-phase trust evaluation model, which comprises calculus-based, contribution-based and affective-based trust evaluation sub-models for evaluating trust during three different VPT phases (early, middle and late project phases). The advanced multi-phase trust evaluation model is a more appropriate means of assessing degree of trust among coworkers than the original model. Therefore, using the three sub-models during different project phases can assist VPT workers in making more accurate decisions regarding secure resource sharing with other coworkers.     

Knowledge sharing in virtual enterprises via an ontology-based access control approach

Collaborating throughout a product life cycle via virtual enterprise (VE) is one of the most promising strategies for enhancing global competitiveness. Efficient and secure knowledge sharing is critical to the success of a VE. This study presents a novel approach, model and technology for knowledge access control and sharing across enterprises. First, this study proposes an ontology-based knowledge sharing model and a multiple-layer knowledge representation framework on which a knowledge access control model for knowledge sharing in a VE is proposed. In the proposed model, user authorizations permitting access to knowledge in a VE are classified into two levels: (1) basic privileges and (2) extended privileges. The former is evaluated from four dimensions, i.e. who, what, when and where, while the latter is determined by considering how three domain ontologies, i.e., product, organization and activity, are related. This study then develops a knowledge access control policy (KACP) language model which is used to identify the knowledge access control and sharing rules of a VE and all its enterprise members. The knowledge access control model proposed in this study can facilitate VE Knowledge management and sharing across enterprises, enhance knowledge sharing security and flexibility and regulate knowledge sharing to expeditiously reflect changes in the business environment.     

Manufacturing enterprise collaboration based on a goal-oriented fuzzy trust evaluation model in a virtual enterprise

To cope with the rapidly changing manufacturing environment, enterprise collaboration is getting increasingly more attention than ever before. The virtual enterprise (VE) is a concept that supports temporary alliances of manufacturing enterprises that have various collaboration models, such as extended enterprise, networked enterprise, concurrent enterprise, etc. Selection of trustworthy partners and trust building are important in virtual domains because they have largely been affecting the success of a VE. However, because of its complexity of trust, trust models in the literature are limited in their ability to cope with dynamic and virtual environment. In this paper, we propose a trust evaluation method of supporting enterprise collaboration and maximizing the satisfaction of cooperation. In this context, trust means the goal achievement probability. Trust value of an enterprise can be obtained by a fuzzy inference system whose rule-base is based on the top-level goal of a VE. According to the selector’s preference, various rules can be applied to trust evaluation. For further study, the planning and scheduling problems should be considered along with the trust-based partner selection for collaboration among manufacturing enterprises.     

A Blockchain-Based Trust Model for Supporting Collaborative Healthcare Data Management

The development of information technology allows the collaborative business process to be run across multiple enterprises in a larger market environment. However, while collaborative business expands the realm of businesses, it also causes various hazards in collaborative Interaction, such as data falsification, inconstancy, and misuse. To solve these issues, a blockchain-based collaborative business modeling approach was proposed and analyzed. However, the existing studies lack the blockchain risk problem-solving specification, and there is no verification technique to examine the process. Consequently, it is difficult to confirm the appropriateness of the approach. Thus, here, we propose and build a blockchain-based trust model to strengthen and verify the integrity and security of the collaborative business process; Integrity and security address the validity of collaborative interactions in terms of a trust, and we construct a blockchain pattern based on trust elements to meet the required the characteristics. Specifically, a trust model can be applied to the healthcare data-sharing process, and then the achievement of the trust-based safe data-sharing process can be proven. Our model can be used as a trust-building guidance tool or for integrity and security verification with the collaborative business process in a distributed environment with blockchain.     

基于区块链的企业管理系统框架设计与分析

区块链技术如何赋能现代企业管理,越来越受到广泛的关注。企业资源计划（ERP,enterprise resource planning）技术将现代信息技术与企业生产流程管理紧密结合,有效加强了企业的工作效率和管理水平,但存在中心化结构特有的设备安全、数据安全、工控安全、信息泄露等固有的痛点问题。针对当前ERP系统暴露的问题,利用区块链的去中心化、去信任化、公开透明、可信数据库、可追溯性等特点,提出一种基于区块链的现代企业管理ERP系统框架模型。重点解决企业生产与管理流程中的数据可信和高效协同问题,并引入区块链的激励机制,利用Token强化协同管理,提高效率,为企业效绩评估与考核提供一种新思路。     

Knowledge sharing in dynamic virtual enterprises: A socio-technological perspective

The success of a virtual enterprise depends largely on the effective collaboration of its members in orchestrating their knowledge, skills, core competences and resources, in order to enhance competitive capabilities and respond better to business opportunities. In this paper we address the challenges of knowledge sharing in dynamic virtual enterprises. We take a socio-technological approach by proposing a human-centered knowledge sharing solution and architecture. Specifically, we propose a knowledge resource space model to represent heterogeneous knowledge resources, both explicit and implicit. We then introduce a knowledge sharing community model and adopt an agent based solution to perform the functions of knowledge sharing among members of a dynamic virtual enterprise. Our solution incorporates the concepts of agent society and semantic ontology. Knowledge sharing in dynamic virtual enterprises is performed with three types of ties: knowledge agent to knowledge agent, knowledge agent to knowledge item, and knowledge item to knowledge item. We measure agent-to-agent ties by preference correlation using the contribution degree of one agent to another and the preference similarity degree between two agents. We define a semantic view to show agent-to-item ties and use semantic links in the knowledge resource space model to reflect item-to-item ties. We also elaborate the co-evolution mechanism of collective intelligence across enterprises throughout the lifecycle of a dynamic virtual enterprise. A case study is presented to validate our approach.     

Context-aware workflow management for virtual enterprises based on coordination of agents

Although virtual enterprises (VE) make it possible for small flexible enterprises to form a collaborative network to respond to business opportunities through dynamic coalition and sharing of the core competencies and resources, they also pose new challenges and issues. Creation of VE involves dynamically established partnerships between the partners and relies on a flexible coordination scheme. The dynamic organizations formed in VE present a challenge in the development of a new methodology to dynamically allocate re-sources and deliver the relevant information to the right people at the right time. A key issue is the development of an effective workflow management scheme for VE. Multi-agent systems (MAS) provide a flexible architecture to deal with changes based on dynamic organization and collaboration of autonomous agents. Despite the extensive studies and research results on MAS, development of a design methodology to support coordination and operations is critical to the success and adoption of VE. The objectives of this research are to propose a design methodology to facilitate coordination and development of context-aware workflow management systems and achieve effective resource allocation for VE based on MAS architecture. To achieve these objectives, a scheme for coordination of agents is proposed. Petri net models are used in the coordination scheme to describe workflows and capture resource activities in VE. The interactions between agents lead to a dynamic workflow model for VE. Based on the aforementioned model, we propose architecture to dynamically generate context-aware graphical user interface to guide the users and control resource allocation based on the state of VE. An order management example is used throughout this paper to illustrate the proposed design methodology.     

利用Web Services实现铁路企业信息共享框架

为了实现铁路企业信息系统之间资源的集成和共享交流,本文给出了一种利用WebServices实现铁路企业信息共享的开发方案。具体阐述了共享框架的网络结构、系统集成设计,并给出了一种有效的安全模型。本框架能有效整合企业内部的业务系统,安全快捷的实现企业信息的共享,可进一步扩展铁路信息共享的范围。     

Agent技术在虚拟企业创建过程中的应用研究

虚拟企业（virtual enterprise，VE）被认为是21世纪最有竞争力的企业运行模式，它面向全球范围的企业资源，通过构建VE的联盟之间的快速重组，实现联盟企业之间的敏捷化和柔性化。如何选择伙伴企业，则是VE创建过程中的关键。文章首先采用了分布式对象技术以支持VE创建时的需要；然后提取了用于伙伴企业选择的Agent基本属性；规划了伙伴企业选择过程；最后用多Agent技术为VE构建一个支持动态联盟的多Agent远程制造系统。     

REMUS: A Rerouting and Multiplexing System for Grid Connectivity Across Firewalls

The Grid provides unique opportunities for high-performance computing through distributed applications that execute over multiple remote resources. Participating institutions can form a virtual organization to maximize the utilization of collective resources as well as to facilitate collaborative projects. However, there are two design aspects in distributed environments like the Grid that can easily clash: security and resource sharing. It may be that resources are secure but are not entirely conducive to resource sharing, or networks are wide open for resource sharing but sacrifice security as a result. We developed REMUS, a rerouting and multiplexing system that provides a compromise through connection rerouting and wrappers. REMUS reroutes connections using proxies, ports and protocols that are already authorized across firewalls, avoiding the need to make new openings through the firewalls. We also encapsulate applications within wrappers, transparently rerouting the connections among Grid applications without modifying their programs. In this paper, we describe REMUS and the tests we conducted across firewalls using two Grid middleware case studies: Globus Toolkit 2.4 and Nimrod/G 3.0.     

基于业务的油田数据资源目录构建方法研究

为了解决油田企业在信息化建设和信息资源管理过程中存在的数据"看不到"、"读不懂"、数据标准不统一、信息孤岛导致数据共享不充分等问题,以实现企业数据资源统一组织管理与开放共享,基于国内外信息资源规划和数据管理成熟理论,设计提出了"业务-系统-数据关联法"摸底梳理企业业务、数据资源和系统现状及需求.从业务入手,梳理企业业务...     

支持中小企业动态联盟的企业资源计划体系

在讨论ERP系统与应用企业的匹配性、中小企业动态联盟的特点及其ERP系统特征的基础上，提出一个基于盟主企业和盟员企业两大层面的ERP结构体系，并阐述了中小企业动态联盟在所设计的ERP环境下协同工作的业务流程．     

网格中可信资源的评估及访问控制研究

在变化的网格环境下,为了实现各类资源的透明共享,解决网格节点间进行频繁互操作的交互安全问题,结合粗集理论及线性回归技术,通过对网格节点间交互产生的七元组交易信息进行二元约简处理,建立数学模型,预测评估网格资源的可信度并作访问控制,从而实现了网格中主客体对访问权限的动态管理。最后的仿真实验表明,方案能保证网格系统中各种异类资源和服务在紧密的协同合作和透明共享时,又可以从提供资源共享者那里保护自己,从而科学有效地解决网格系统中互操作时复杂的信任问题。     

基于工作流的工程综合管理系统的设计与实现

随我国经济发展,一些大型工程企业的项目建设不断开展,需要用信息化手段,设计出项目综合管理系统,实现对工程中的项目进度跟踪、信息共享和资源分配。该系统采用工作流设计模式,围绕项目执行过程,对业务流程进行有效管理,以实现工程企业的信息化,提升企业运营决策能力。     

企业网络安全设计与管理

随着计算机网络的不断发展,越来越多的企业建立自己的局域网以实现企业信息资源共享或者在局域网上运行各类业务系统.随着企业局域网应用范围的扩大,保存和传输的关键数据不断增多,网络的安全问题也日益突出.如何保障网络的安全,维护网络的运行效率,已成为企业发展道路上迫切需要解决的重要问题.本文主要从网络安全配置,如NAT、PAT、ACL等方面对企业网络安全进行设计和管理,使企业网络的安全性得到更充分的保障.