Advances in the World Wide Web technology have resulted in the proliferation of significant collaborative applications in commercial environments. However, the World Wide Web as a distributed system, which introduces new technologies (like Java applets and ActiveX) and uses a vulnerable communication infrastructure (the Internet), is subject to various security attacks. These security attacks violate the confidentiality, integrity, and availability of Web resources. To achieve a certain degree of Web security and security management, different protocols and techniques have been proposed and implemented. This is still a hot topic in the current research area and still requires more ambitious efforts. We give an overview of the Internet security issues with special emphasis on the Web security. We describe an architecture built up by the means of security services to shield against these threats and to achieve information security for networked systems like the WWW. We focus on the authentication and access control services (like role-based access control) and their administration aspects. We discuss several elementary techniques and Internet standards which provide state-of-the-art of Web security.