The WHOSINIT database provides access control on a case-by-case basis to web server resources by group membership and individual users. It uses 128-bit session key encryption and 1024-bit RSA public key encryption to securely store sensitive files and only allow authorized users to access customized CGI programs and the information within. The access control system can handle large user populations of 500,000 cases and thousands of users, defining access down to individual users or groups. A graphical interface called WHOSINIT provides easy administration of user, group, and case access through a web-based hierarchical interface that allows real-time updates to access charts and group hierarchies.