The way you could set this up is to use dynamic menu items. The menu item could have a security rating on it, with the users having a security level stored in the database. When the user logs in, a session variable is set to store the security level the user has. In the recordset to get the links that the user has security clearance for, only get the links that the user has clearance for. So you would want to filter based on link security level <= user security level.