At first glance both have similar security models, but on closer exampination they are significantly different. Both use Pincipals, Permissions and Roles. Both acquire permissions from the parents. But that is where they diverge. Zope 2 has permissions on funcions. Every funciton could be given a security declaration. Zopache and Grok have security on views. Every view can require a permission. Both Zope 2 and Grok have permissions that are independent of the data. Permissions only depend on the tree. In Zopache, permissions depend on the data. If the hiring manager so chooses, only German candidates can see the job.
The implementatino of security also differs. In Zope 2, every object has a permissions view. It was a big, often a huge table. In Zopache, you drop a permssion object in a folder. You call it the name of the permission. Permissions are then aquuired from the parents, or ZClass. It is an easy way for end users to control access to their information.
I invite you to Register and then link to your own blog postings and