Based on Harn抯 digital signature scheme and zero-knowledge proof, an authentication access control scheme for information protection system is presented in this paper. The scheme is safer than previously proposed one. In the scheme, two-way authentication may be done between a user and the system without exposing their secret information, and their sharing secret is used for authenticating the requesting user not to illegitimatimately access the protected file. The scheme can perform the access operation in dynamic environments,such as change access privileges and insert/delete users or files without implicating any user's secretkey.