虛擬企業(Virtual Enterprise)是一個新的提昇企業競爭力的策略，其工作者以協同合作的模式貢獻自己的核心能力，分享彼此的資源，尤其是知識，以共同完成產品的設計、生產、組裝、行銷及服務。因此，適度安全的知識分享是虛擬企業成功的要素之ㄧ，本研究提出一個以本體論(Ontology)為基的虛擬企業知識存取控制(Access Control)模型，能根據工作者在虛擬企業中的所扮演的角色及執行的任務來決定跨企業的知識存取權限。本模型以4W (Who, What, When 及 Where)來評估使用者對知識的基本存取權限(Authorization)，並應用本體論中所定義的基本關係決定權限的擴展(Propagation)。藉由本研究能使虛擬企業更容易的制定適當的知識存取控制政策，有效管理及分享跨企業的知識。

Virtual Enterprise (VE) is one of the most promising strategies to enhance global competitiveness, via collaboration on product design, production, assembly and marketing. Efficient and secure knowledge resource sharing is one of the key factors to the success of VE. This study proposes an ontology-based access control model for knowledge management and sharing in virtual enterprise. In this model, user authorization is classified into basic and propagated levels. The former is evaluated from four-dimensions, i.e. who, what, when and where, while the latter is decided by considering the relationships between concepts in a predefined domain ontology. The proposed knowledge access control model facilitates: (1) construction of a proper access control policy based on the requirements of a virtual enterprise access control, and (2) management and sharing of knowledge involved in a virtual enterprise.

[1] Frenkel, A., Afsarmanesh, H., Garita, C., and Hertzberger L. O., “Managing Cooperation in Virtual Organizations and Electronic Business towards Smart Organizations Supporting Information Access Rights and Visibility Levels in Virtual Enterprise,” IFIP TC5/WG5.3 Second IFIP working Conference on Infrastructures for Virtual Organizations, 2000.
[2] Zhu, H.H., Chen, D.F.and Zhang, X.C., “Research of knowledge chain in intelligent control,” Robotics, Intelligent Systems and Signal Processing, 2003.
[3] Furst, K., Schmidt, T., and Wippel, G., “Managing Access in Extended Enterprise Networks,” Internet Computing IEEE, 2002, Vol.6, pp.67-74.
[4] Vasconcelos, J., Gouveia, F.and Kimble, C., “An Organizational Memory Information System using Ontologies,” Proceedings of the 3rd Conference of the Associação Portuguesa de Sistemas de Informação University of Coimbra, Portugal, November 2002.
[5] Nonaka, I., “A Dynamic Theory of Organizational Knowledge Creation,” Organization Science, Vol.5, No.1, 1994, pp.14-19.
[6] Davidow, W. H., “The Virtual Corporation,” New York: Harper Collins Publishing Inc., 1992.
[7] Handy, C. “Trust and Virtual Organization: How Do You Manage People Whom You Do Not See,” Harvard Business Review, 1995, Vol.73, No.2, pp.40-50.
[8] Pape, W., “Chairman of The Keyboard,” Inc. Magazine, September 1998, pp. 23-24. Available URL:http://www.inc.com/magazine/19980915/5357.html
[9] Park, K.H. and Favrel, J., “Virtual Enterprise-Information System and Networking Solution,” Computers & Industrial Engineering, 1999, Vol. 37, No.1, pp. 441-444.
[10] Schonseleben, P., “With Agility and Adequate Partnership Strategies Towards Effective Logistics Networks,” Computers in Industry. , 2000, Vol. 42, No.1, pp. 33-42.
[11]葉曉萍、李國樑，「台灣傳統產業e 化過程採用虛擬組織或策略聯盟之決策因素研究」，2000 年科技與管理學術研討會論文集，民89，12月，pp.183-190。
[12] Tuma, A. “Configuration and coordination of virtual production networks,” International Journal of Production Economics, 1998, Vol.56-57, No.1, pp.641-649.
[13] Goranson, H. T., “The agile virtual enterprise,” London: Quorum Book, 1999.
[14] Burn, J. and Barnett, M., “Communicating for advantage in the virtual organization,” IEEE Transactions on Professional Communication, 1999, Vol.42, No.4, pp.215-222.
[15] 唐校慶，「網路觀點的虛擬化組織模式建構之研究-以電子資訊業為例」，國立台灣大學商學研究所博士論文，台北市，民87。
[16] 吳忠衛，「虛擬組織關鍵成功因素之研究」，銘傳大學管理科學研究所碩士論文，台北市，民89。
[17] Strader, T. J., Lin, F.R.and Shaw, M. J., “Information infrastructure for electronic virtual organization management,” Decision Support Systems, May, 1998, Vol.23, No.1, pp. 75-94.
[18] Purser, R.E.and Pasmore, W.A., “Organizing for Learning, In William A Pasmore and Richard W. Woodman,” Research in Organizational Change and Development, London: JAI Press, 1992, pp.37-114.
[19] Nonaka, I.and Takeuchi, H., “The knowledge creating company: How Japanese Companies Create the Dynamic of Innovation,” New York: Oxford University Press, 1995.
[20] Davenport, T. H. and Prusak, L. “Working Knowledge: How Organization Manage What They Know,” Harvard Business School Press, 1998.
[21] Quintas, P., Lefrere, P., and Jones, G.., “Knowledge management: a strategic agenda,” Long Range Planning, 1997, Vol.30, No.3, pp.385-391.
[22] Harris, D.B., “Creating a Knowledge Centric Information Technology Environment,” Sep. 1998, http://www.htcs.com/ckc.html.
[23] Beijerse, R. P., “Knowledge management in small and medium-sized companies: Knowledge management for entrepreneurs,” Journal of Knowledge Management, 2000, Vol.4, No.2, pp.162-179.
[24] Polanyi, M., “The Tacit Dimension,” New York: M.E. Sharp Inc., 1967.
[25] OECD, “The Knowledge based Ecocomy,” Paris, 1996.
[26]Zack, M.H., “Managing codified knowledge,” Sloan Management Review, Summer 1999, pp.45-57.
[27] 勤業管理顧問公司著，「知識管理推行實務」，許史金譯，台北：商周出版，民90。
[28] Garrity, E.J. and Siplor, J.C. “Multimedia as a Vehical for Knowledge Modeling in Expert System,” Expert System with Application, Vol.7, No.3, 1994, pp.397-406.
[29] Wiig, K.M., “Knowledge Management Foundations: Thinking about Thinking– How People and Organizations Create, Represent, and Use Knowledg,” Arlington, TX: Schema Press, 1993.
[30] O’Dell, C.S.and Grayson, C.J., “If Only We Knew What We Know: The Transfer of Internal Knowledge and Best Practice,” New York, Free Press. 1998.
[31] Maglitta, J., “Smarten Up！,” Computerworld, 1995, Vol.29, No.23, pp.84-86.
[32] Holsapple, C.W.and Joshi, K.D., “Description and Analysis of Existing Knowledge Management Frameworks,”Proceedings of the 32nd Hawaii International Conference on System Sciences, 1999.
[33] 吳思華，「知識資本在台灣」，台北：遠流，民89。
[34] Uschold, M. and Gruninger, M., “Ontologies: Principles, Methods and Applications,” The Knowledge Engineering Review, 1996, Vol.11, No.2, pp. 93-136.
[35] Gruber, T.R. “A Translation Approach to Portable Ontologies,” Knowledge Acquisition, 1993, Vol.5, No.2, pp.199-220.
[36] O’Leary, D.E., “Enterprise Knowledge Management,”IEEE Computer, Vol.31, No.3, 1998, pp.54-61.
[37] Slade, A. J.and Bokma, A. F., “Conceptual Approachs for Personal and Corporate Information and Knowledge,” Proceedings of the 34thHawaii International Conference on System Sciences, 2001.
[38] Fensel, D., “Ontologies: A silver bullet for Knowledge Management and E-Commerce,” Springer, 2001.
[39] Staab, S. and Maedche, A., “Knowledge Portals Ontologies at Work,” AI Magazine, Summer 2001, Vol. 22, No. 2, pp. 63-75.
[40] Amoroso, E., “Fundamentals of computer security technology,” Prentice-Hall International, Inc., 1994.
[41] Sandhu, R. S., Samarati P., “Access Control: Principles and Practice,” IEEE Comm. Magazine, Sep.1994, p40-48.
[42] White, G. B., Fisch E. A. and Pooch Udo W., “Computer System and Network Security,” CRC Press, Inc.1996.
[43] Roshan, K.T.and Sandhu R.S., “Conceptual Foundations for a Model of Task-based Authorizations,” Proceedings of the 7th IEEE Computer Security Foundations Workshop, Franconia, NH, June 1994, pp.66-79.
[44] Gollmann, D., “COMPUTER SECURITY,” 1999.
[45] 樊國楨、陳祥輝及蔡敦仁，「資料庫濫用軌跡塑模」，民91，網頁 http://www.ascc.net/nl/90/1711/02.txt。
[46] Sandhu, R.S., Coyne, E.J., Feinstein, H.L.and Youman, C.E., “Role-Base Access Control Models,” IEEE Computer, 1996, 38-47.
[47] Roderich, O. and Horvath, I., “toward product-related knowledge asset warehousing in enterprises,” Proceedings of TMCE 2002, 2002.
[48] 資策會MIC整理，民88，12月。
[49] Staab, S., “Knowledge Representation with Ontologies: The Present and Future,” IEEE Computer Society, 2004, pp. 72-81