In　order　to　improve　system　security　and　prevent　the　illegal　information　flows　spread,　this　paper　presents　a　new　security　policy　model　based　on　trusted　computing,　multi-domain　access　control　model.　It　analyzes　the　objects　and　subjects　of　the　applications,　and　assigns　them　into　cooperating　trust　domains.　Then　it　isolates　the　undesirable　actions　of　applications　through　some　mechanisms,　such　as　evaluating　the　trust　value　and　enforcing　the　access　control　rules.　Finally　it　guarantees　the　application　process　in　expectations　flow.