The University of SydneyPage 13Models of Security–Two fundamental computer security facts–All complex software systems have eventually revealed flaws or bugs that need to be fixed–It is extraordinarily difficult to build computer hardware/software not vulnerable to security attacks–Goal of a security policy: prevent the unauthorized disclosure of information dealing with information flow and integrity.–A Security model is a formal description of a Security Policy–Security models are used to•Document security policy•Conceptualiseand design an implementation•Check if an implementation meets its requirements•Test security policy for completeness and consistency•To understand the relation between Security and Trust