E-learning defined as learning activities performed over electronic devices is rapidly increasing and has become one of the key e-commerce applications with a growing commercial market in the near future. Access control and authorization in E-learning workflow is a vital problem with low costs and no location limits for students. E-learning organizers prefer to disseminate their message as widely as possible, while at the same time authorized people only are able to access disseminative information. However, in the E-learning workflow it is a challenge to protect from access, such as reading and updating, the digital message that has been disseminated out from the organizations. This paper aims to substantially provide a foundation for developing appropriate security solutions for organizations' secure dissemination of digital information. An application-level secure architecture is developed based on the references on both server side and client side. The architecture provides control and tracking capabilities for dissemination and usage of digital information while others provide only tracking capability. The outcomes of this paper can immediately apply to prevent unauthorized dissemination of digital content amongst agents of universities regardless of their intention or possession of the digital information and will contribute to higher security in E-learning. Copyright © 2011 John Wiley & Sons, Ltd.