Purpose－Due to the growing intelligent attacks, internet service providers are facing more and more risks. It has become a big concern, especially in the emerging cloud computing environment, whether the service providers have the capability to properly protect users’ data from attacks and prevent unauthorized access. Design/methodology/approach － In order to meet the information security requirements of confidentiality, integrity and availability with consideration of access efficiency in the presence of huge amount of data, we proposed an efficient and secure data access model covering active authentication, encryption/decryption, and access to databases. Findings－Through experiments, we found that the control of ＂read＂ will solve most unauthorized access problems and serialization of ＂write＂ will avoid deadlocks. Research limitations/implications－We designed a multi-layered, distributed database system and proposed a secure access model in which only two locking mechanisms, two-phase locking and altruistic locking, are compared. Other mechanisms are not considered in this study. Practical implications－A prototype was implemented to test the applicability of the proposed model. The system first authenticates a user and then assigns him a ticket. This process accomplishes fined-grained access control. After analyzing the data obtained from the experiments, we found that the proposed data access model is well suited for the cloud computing environment in terms of security and efficiency. Originality/value－This study proposes a new approach to system security, permitting distributed database access and efficient scheduling. The system allows active identity verification, secure data isolation and information exchange, multi-level scheduling based on priorities, distributed access control and use of encryption technology.