Computer and information security covers many areas within an enterprise. Each area has security vulnerabilities and, hopefully, some corresponding countermeasures that raise the security level and provide better protection. Not understanding the different areas and security levels of network devices, operating systems, hardware, protocols and applications can cause security vulnerabilities that can affect the environment as a whole.
Two fundamental concepts in computer and information security are the security model, which outlines how security is to be implemented -- in other words, providing a "blueprint" -- and the architecture of a computer system, which fulfills this blueprint.
A security policy outlines how data is accessed, what level of security is required and what actions should be taken when these requirements are not met. The policy outlines the expectations of a computer system or device. A security model is a statement that outlines the requirements necessary to properly support and implement a certain security policy. If a security policy dictates that all users must be identified, authenticated and authorized before accessing network resources, the security model might lay out an access control matrix that should be constructed so that it fulfills the requirements of the security policy. If a security policy states that no one from a lower security level should be able to view or modify information at a higher security level, the supporting security model will outline the necessary logic and rules that need to be implemented to ensure that under no circumstances can a lower-level subject access a higher-level object in an unauthorized manner. A security model provides a deeper explanation of how a computer operating system should be developed to properly support a specific security policy.
Individual systems and devices can have their own security policies. We are not talking about organizational security policies that contain management's directives. The systems' security policies and models they use should enforce the higher-level organizational security policy that is in place.
Read the rest of Chapter 5, Security Models and Architecture