The increasing importance of the Internet has motivated the exploration of new execution models based on mobile and dynamic entities to overcome the limits of the client/server model traditionally used to develop Internet applications. In this research, an Enhanced Role-based access control model (ERBAC) and an architecture for the ERBAC model are proposed. The architecture based on mobile agents will be a suitable approach to achieve both security interoperation and privacy protection in the Internet environment. The significant of this method is that mobile agents tend to execute the information locally therefore reducing network traffic and latency. In addition, mobile agents make it feasible to automatically realize the security and privacy protection for Internet applications.