Abstract: Insider threat is widely recognized as an utmost important issue for organization security management As the most important information asset (documents)，they are the chief target of insider misuse. The former coarse grained security policies that operate on "the principle of least privilege" or "separate of duty" are not enough to address documenu security about insider threat issue. We presented a novel multi-level security policy model and related algorithms,and defined the concept of document information flow and information flow graph. According to system context’s change,it will generate dynamic restriction conditions about information flow. And its aim is to prohibit these probable hiding channels of information flow.

Key words: Insider threat, Security policy, Information flow, Security level, Information flow graph