Abstract de la publi numéro 11141

The Virtual Enterprise (VE) concept has emerged in the beginning of 1990s from the need for cooperation faced by traditional enterprises, searching for partnership skills, in order to respond to new business opportunities. Within a VE, traditional enterprises must interconnect their Information Systems (IS) through Information technologies (IT). Opening a part (or all) of its IS to partners presents security challenges on technical and organizational levels. Each member of a VE needs guaranties from its partners; this level of guaranty will guide the choice of architectural solutions to deploy within the distributed environment. Within this paper, we detail security issues and, especially access control issues, facing enterprises when deciding to deploy a VE. We present our work that deals with ensuring access control functionalities for VE: we detail and present the new version of our tool “SecMaLET: Security Maturity Level Evaluation Tool” we have defined for providing enterprises with the mean to evaluate the level of maturity of their partners in terms of security issues. This level of maturity is, in some way, a guaranty that these partners will act accordingly to what has been decided during the VE deployment and that the shared resources will not be exposed to attacks due to security breaches within the partners IS.