Radio frequency identification (RFID) has been considered as a viable solution for automatic data capture, information sharing and collaboration between enterprise partners. Along with the advantages of sharing information, it comes with the challenges of securing data and trade secret. Access control is an important method for securing data storing and sharing within and across partners in supply chains. In this paper, we propose a concept-level authorization model, aiming at addressing the challenges for securing RFID-enabled supply chains. We analyze the data characteristics and summarize common authorization challenges for RFID data from application perspectives. We propose to use concepts to reduce the size of policy repository and eliminate the structural heterogeneity across the information sources. We then focus on the details of semantic propagation rules that reflect the logical, time and spatial relationships. Other ideas such as policy groups and ontology merging techniques are employed to manage the authorization repository in an efficient manner.