To meet the actual demand of oil network information system in B/S model, and to improve dynamics of users’ authority management and security of authorized access, this paper presents a fine-grained privilege management model combining the role-based access control principle for the fact that users are complicated and they change jobs frequently in B/S application system. This model decomposes the access privilege of sources by fine-grained, and realizes access control of different levels from coarse-grained to fine-grained, and this model cannot only authorize the role but also authorize the user directly, which greatly improves the flexibility and scalability.