Abstract: This paper firstly analyzes the necessity of secure authentication for the electric medical record system，and then researches the Cookie technology emphatically，discusses the application system of secure Cookie in detail，and analyzes the secure character of secure Cookie with the technology of PKI digital authentication.Further，with the research of role-based access control，this thesis puts forward an effective secure system based on Web.This system utilizes the secure Cookie to guarantee the security，in the mean time，introduces the cache system to improve the efficiency of achieving privilege.Through the syntheses experiment with actual data，it is proved that this system has enhanced the efficiency in some degree.Finally，the present thesis analyzes the application of this system in the electric medical record system with its characters.

摘要： 首先分析了电子病历系统安全验证的必要性，着重研究了Cookie技术，探讨了安全Cookie的应用机制，并且通过使用PKI数字认证技术，分析了安全Cookie的安全特性。进一步通过对基于角色的访问控制的深入研究，提出了一种基于Web高效安全机制。该机制在利用安全Cookie保证安全性的前提下，引入缓存机制来提高权限获取效率。通过实际数据模拟实验，结果表明该机制在效率上有一定程度的提高。最后，针对电子病历系统的特点分析了该机制在其中的应用。