Main part

The establishment of a corporate portal network and the implementation of information exchange mechanism management are based on several basic principles:

1. A network portal is considered as a set of interrelated sections (objects of access) with a hierarchical tree structure of subordination. Each access object, except for the root one, which is the portal itself, has one parent and any number of subsidiary objects. Each section is related to the protected portal resource by a specific reference in URI (Uniform Resource Identifier) format;
2. Only one access rule may be assigned to each portal section. The rule then applies to the whole tree branch formed by this object. For this purpose, the system provides a mechanism by which subsidiary objects inherit access rights from the parent object. However, the inheritance mechanism may be switched off for any subsidiary section, and a new access rule may be assigned that applies to it and all its descendants. The new rule may only be more "severe";
3. Each access rule associates a group of privileges and two possible actions for the related access objects: "to allow" and "to prohibit". The group of privileges shall be the same as that of the parent object or be an heir of the parent's access privilege group, that is, have the same or a higher privilege level;
4. The access privilege groups are intended to group people according to their level of privileges (access rights) in the system. A rigid hierarchy of subordination exists between groups. Each group with a higher privilege level is the successor to the group with the previous value of the privilege level. This allows users with a high privilege level to access sections with a lower level of access privileges;
5. It is proposed to define 16 levels of access privileges in the system. Privilege level 0 means that the section is open and public. The levels from 1 to 15 are for the allocation of access rights to the protected portal sections;
6. The set of system users is divided into separate subsets by privileged access groups, that is, a user may belong to only one privileged access group;
7. Each session of an authorized system user has a unique session identifier, which makes it possible to determine which user made a certain request to the portal and, accordingly, the privileged access level of that user.
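The following Python sketch, added here as an illustration and not taken from the paper, models the principles listed above: a section tree with rule inheritance, overrides that may only keep or raise the privilege level, and an access decision driven by the session identifier. The URIs, session identifiers and function names are constructed; treating an unknown session as level 0 and reading "prohibit" as denying the section at any level are assumptions.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class Section:
    uri: str
    parent: Optional["Section"] = None
    rule: Optional[tuple] = None   # (level 0..15, "allow" | "prohibit"); None = inherit

    def effective_rule(self):
        node = self
        while node.rule is None:   # inheritance: climb to the nearest section with a rule
            node = node.parent
        return node.rule

    def override(self, level, action):
        """Switch inheritance off; the new rule may only be more severe."""
        parent_level, _ = self.parent.effective_rule()
        if not parent_level <= level <= 15 or action not in ("allow", "prohibit"):
            raise ValueError("rule must be valid and no less severe than the inherited one")
        self.rule = (level, action)

def build_portal():
    # Constructed sample tree; the URIs are illustrative.
    root = Section("/", rule=(0, "allow"))   # level 0: open and public
    hr = Section("/hr", root)
    hr.override(3, "allow")
    payroll = Section("/hr/payroll", hr)
    payroll.override(7, "allow")
    forms = Section("/hr/forms", hr)         # no own rule: inherits level 3 from /hr
    return {s.uri: s for s in (root, hr, payroll, forms)}

# Constructed sample: session id -> privilege level of the user's single group.
SESSIONS = {"sess-a1": 3, "sess-b2": 9}

def decide(portal, session_id, uri):
    level, action = portal[uri].effective_rule()
    user_level = SESSIONS.get(session_id, 0)   # assumption: unknown session = public
    # Higher groups succeed lower ones, so user_level >= level satisfies the rule.
    return "allow" if action == "allow" and user_level >= level else "prohibit"
```

The severity check runs only when an override is assigned, so a deployment that later changes a parent's rule would need to re-validate the overrides beneath it.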
Another important aspect of information exchange in the corporate portal network is the integration of participants into the information resources network. The specifics of portal network development involve the creation of a resource database for the access servers in the form of a portal tree (a sitemap) [8, 9]. One user domain may be compared with several Internet domain portals, and a