A
computer security model is a scheme for specifying and enforcing
security policies. A security model may be founded upon a formal model of access rights, a model of computation, a model of
distributed computing, or no particular theoretical grounding at all. A computer security model is implemented through a
computer security policy.