Enterprise collaborative systems often focus on building useful connections among people, tools, and information, access control is particularly important in the environment. This paper is concerned with enterprise access control architecture design issues. Firstly, this paper examines RBAC and TBAC models and analysis their benefits and weaknesses in application, and introduces an improved role and task-based access control model that mixed the two model benefits. Secondly, this paper applies object-oriented method to specify the model security policy elements, and design an organization-based role and resources management mechanism, especially on dynamic role administration of collaborative project as a virtual organization unit where TBAC applied. Finally, this paper presents a hierarchical access control architecture, that can facilitate administrators to specify and enforce security policy in hierarchical strategy.