Abstract: There are four protective layers in a Computer Information System (CIS). This paper discusses the mechanism of protective layer one-the access control, flow control, inference control and encryption control, introduces a secure model of database or information base, and reaches the conclusion that the four protective layers are based upon each other, none of them can be missed, otherwise the security of CIS is not guaranteed.