Recent development of the peer-to-peer (P2P) live streaming technique has brought unprecedented new momentum to the Internet with the characters of effective, scalable, and low cost. However, before these applications can be successfully deployed as commercial applications, efficient access control mechanisms are needed. This work based on earlier research of the secure streaming architecture in TrustStream, analyzes how to ensure that only authorized users can access the original media in the P2P live streaming system by adopting a user authentication and key management scheme. The major features of this system include (1) the management server issues each authorized user a unique public key certificate, (2) the one-way hash chain extends the certificate's lifetime, (3) the original media is encrypted by the session key and delivered to the communication group, and (4) the session key is periodically updated and distributed with the media. Finally, analyses and test results show that scheme provides a secure, scalable, reliable, and efficient access control solution for P2P live streaming systems.