A computer security model is a scheme for specifying and enforcing security policies. A security model may be founded upon a formal model of access rights, a model of computation, a model of distributed computing, or no particular theoretical grounding at all. A computer security model is implemented through a computer security policy.

For a more complete list of available articles on specific security models, see Category:Computer security models.

• Access control list (ACL)
• Attribute-based access control (ABAC)
• Bell–LaPadula model
• Biba model
• Brewer and Nash model
• Capability-based security
• Clark-Wilson model
• Context-based access control (CBAC)
• Graham-Denning model
• Harrison-Ruzzo-Ullman (HRU)
• High-water mark (computer security)
• Lattice-based access control (LBAC)
• Mandatory access control (MAC)
• Multi-level security (MLS)
• Non-interference (security)
• Object-capability model
• Protection ring
• Relationship-based access control (ReBAC)
• Role-based access control (RBAC)
• Take-grant protection model
• Discretionary access control (DAC)

• Security modes
• Protection mechanism

• Krutz, Ronald L. and Vines, Russell Dean, The CISSP Prep Guide; Gold Edition, Wiley Publishing, Inc., Indianapolis, Indiana, 2003.
• CISSP Boot Camp Student Guide, Book 1 (v.082807), Vigilar, Inc.