What would stop the user from bypassing the authentication by simply not using your Perl interface at all, accessing the files directly with some other software? I'm assuming you have something in mind for this, but I don't know what it is. Are the files encrypted? Owned by root and chmod ugo-rwx? Not stored at all except in process memory? Your Perl interface will need to take this stuff into account and might need to be completely different depending on the answer. One person who already replied is assuming that the data are on a remote server. That would lead to a completely different Perl interface than most of the other cases. We can't really advise you very well on how to do what you want without knowing more about what exactly it is that you want to do.