The aim of this course is to look deeply into security policies for information systems which were seen in the common core course SSI(Security in Systems of Information) An overall preventative and rigorous approach showing how to secure information systems and reduce as much as possible breaches of security will be presented. Formal models of access control will be presented. Their application to current or future exploitation systems and data-bases will be dealt with. The course will be completed with a look at intrusion detection.