The personal information protection act has been announced and in effect within our country since October 1st, 2012, and making efforts to resolve the information security issues has become more essential than ever. The military personnel information management system stores a huge amount of personal information of all military personnel. The administrative users and the database managers who are in charge of the system maintenance will be able to look up any piece of information and will possibly cause personal information breaches if there is no appropriate information security measure. The objective of this research is to reinforce information security and user identification authentication and control of the military personnel information management system. The elliptic curve cryptography system is adopted to offer a shorter key length and a lower computation complexity while still to provide the same security strength. By combining with the design of database filed encryption and access control, such a mechanism strengthens the security of the system to comply with the personal information act and to meet the requirements of information access security and control.