Abstract: This paper presents a model that supports network security objects, improves Amon Ott's rules with a small amount of operations and storage for practicality, increases the flexibility available for system implementation by replacing the single level with a level range, and controls IPC objects effectively. For these purposes, Amon Ott's rules for dynamically modifying the current sensitivity level are extended to rules for sensitivity level ranges, so that Bell's work on replacing the single level with a level range for network security can be combined with Amon Ott's. Considering the cases of the practical systems GEMSOS and DG/UX and the prototype microkernel system Fluke, single-level entities, multiple-level entities and a special access mode for progress are introduced, together with the invariants and constraints corresponding to them. Based on Tmack's way, a sufficient mechanism for IPC objects is proposed. In addition, some flaws in the ABLP model are pointed out. A new confidentiality policy model is presented with a formal specification of its invariants, constraints, variables, and constants, the reasonableness of some constraints is demonstrated, and the model can be used for system design.