In recent years, The information security has become a thriving and fast moving discipline in modern network society. people have realized that design and formulation of security strategy is very important and security failure is caused at least as often by bad incentives as by bad design. We find that incentives are becoming as important as technical design in achieving dependability. Systems are particularly prone to failure when the person guarding them is not the person who suffers when they fail. The growing use of security mechanisms to enable one system user to exert power over another user, rather than simply to exclude people who should not be users at all, introduces many strategic and policy issues.