With the current access control model, a reasonable unified control over confidentiality, integrity and availability cannot be achieved; especially the dynamic random access request control is far from perfect, not only always leaving some weak points open to possible attacks, but also bringing some unavoidable security problems caused by user errors in practical applications. A kind of confidentiality and integrity access control model based on the pre-authorization mechanisms is put forward. By combining BLP model and Biba model, and introducing the pre-authorization mechanisms, the reasonable control can be achieved over the dynamic random accesses activities. By making use of the condition control, the authority of subject performing the task is monitored timely, and granted or canceled dynamically. So the system’s confidentiality and integrity can both be realized, while guaranteeing its high availability, which is advantageous to the two-way flow of information. Finally, the application example of the model is given and its security is proved. 