The latest researches on access control model are dramatically different from conventional ones. Nowadays, most attention is paid to accessing across organizational boundaries. So, how to identify the applicant and determine authorization with limited information; how to express and exchange control rules expediently; how to protect confidential information and enhance collaboration simultaneously, are the most concerned problems. However, for large commercial organizations, a fine management of internal functions is of the same importance as external service management. It is very troublesome to control authorizations merely with attributes and composition of policies introduced from attribute-based access control (ABAC). So, we introduce a united access control model for systems in collaborative commerce, combining the advantages of conventional role-based access control (RBAC), task-based authentication control (TBAC) and that of recent ABAC and automated trust negotiation (ATN). Innovational ideas in the model are analyzed, and the implement architecture is discussed. The paper concludes with a summary of the united model’s benefits and future work.