A computer security model is simply a way in which the various components of a computer system’s security can be organized and arranged in a more accessible manner. Security for a computer system typically requires planning and organization to ensure proper execution. While someone can simply decide on the necessary elements for a secure system and then implement them, doing so may not allow that person to easily recognize potential flaws and weaknesses. A computer security model is often used as a visual aid or a design document that allows someone to arrange the different layers of security and more easily find potential weaknesses.
There are typically many different components, including both physical and software elements, that are used in the implementation of security for a computer system. The use of a computer security model allows someone to more easily plan out the creation of such a system, and allows someone to see each element that is necessary. There are also a number of existing models that have been created by various data and network security agencies. Someone can use this type of established computer security model and modify it for his or her specific needs, rather than trying to determine every component from scratch.
One of the most important elements of a computer security model is that it allows a person to more easily organize the necessary elements for a secure system. If someone wants to secure a business network from attacks against the company, for example, then he or she can use a model to plan out the way in which this can be done. The model may have multiple layers of security that are necessary, often used to visualize where potential threats or attacks might come from. Each of these layers in a computer security model represents different security concerns, with the internal layer being the data itself, surrounded by the users with access to that data, and moving outward until the public layer is reached.
Although various types of computer security model can be used, this type of layered approach is quite common. It allows someone to consider the specific security risks and needs of each layer, so that data can be secured in different ways. The internal layers that represent user access are often protected through the use of access control and identification protocols, such as the implementation of usernames and passwords. Outer layers of a computer security model indicate where external attacks might come from, and can require firewalls and other protective software as well as ongoing risk assessment to secure.