The EPC IS is the core of the Internet of Things and it’s responsible for the tasks of analyzing EPC datas and PML documents. Thus, this paper discusses a new EPC IS design scheme of Rights Management based on the traditional EPC IS while combined with eXtensible Access Control Markup Language (XACML). This new EPC IS design scheme of Rights Management aims to resolve the security issues of the EPC IS when it is accessed across companies. The architecture and role of the EPC IS with potential security problems come first. Then, XACML, which focus on analyzing how to realize rights management is talked. Finally, an EPC IS design schema of rights management solution of the cross-enterprise supply chain management system is put forward.