In this paper, two independent definitions of system security are given through two distinct aspects of a system execution, i.e. state and transform. These two definitions are proven to be equivalent, which gives both confidence to the soundness of our explication and insight into the internal causality of information flow. Using this definition of information flow security, a general security model for nondeterministic computer systems is presented. On one hand, our model is based on information flow which allows it to explicate security semantically as other information flow models. On the other hand, our model imposes concrete constraints on the internal system processes which facilitate implementation and verification in the fashion of access security models. Our model is also more general than previous state-based information flow models, e.g. allowing for concurrency among system processes, which is more suitable for distributed systems.