Mandatory Access Control

In computer security, mandatory access control (MAC) refers to a type of access control by which the operating system constrains the ability of a subject or initiator to access or generally perform some sort of operation on an object or target. In practice, a subject is usually a process or thread; objects are constructs such as files, directories, TCP/UDP ports, shared memory segments, etc. Subjects and objects each have a set of security attributes. Whenever a subject attempts to access an object, an authorization rule enforced by the operating system kernel examines these security attributes and decides whether the access can take place. Any operation by any subject on any object will be tested against the set of authorization rules (aka policy) to determine if the operation is allowed. A database management system, in its access control mechanism, can also apply mandatory access control; in this case, the objects are tables, views, procedures, etc.

With mandatory access control, this security policy is centrally controlled by a security policy administrator; users do not have the ability to override the policy and, for example, grant access to files that would otherwise be restricted. By contrast, discretionary access control (DAC), which also governs the ability of subjects to access objects, allows users to make policy decisions and/or assign security attributes. (The traditional Unix system of users, groups, and read-write-execute permissions is an example of DAC.) MAC-enabled systems allow policy administrators to implement organization-wide security policies. Unlike with DAC, users cannot override or modify this policy, either accidentally or intentionally. This allows security administrators to define a central policy that is guaranteed (in principle) to be enforced for all users.

Historically and traditionally, MAC has been closely associated with multi-level secure (MLS) systems. The Trusted Computer System Evaluation Criteria (TCSEC), the seminal work on the subject, which is often referred to as the "Orange Book", defines MAC as "a means of restricting access to objects based on the sensitivity (as represented by a label) of the information contained in the objects and the formal authorization (i.e., clearance) of subjects to access information of such sensitivity". Early implementations of MAC such as Honeywell's SCOMP, USAF SACDIN, NSA Blacker, and Boeing's MLS LAN focused on MLS to protect military-oriented security classification levels with robust enforcement. Originally, the term MAC denoted that the access controls were not only guaranteed in principle, but in fact. Early security strategies enabled enforcement guarantees that were dependable in the face of national-lab-level attacks.
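
As an added illustration (not from the original article) of the label-based rule in the TCSEC definition: a toy reference monitor in Python in which every subject carries a clearance and every object a sensitivity label, and the kernel-side rule, never the subject, decides each access. The classification names, compartment names and file paths are constructed for the example.

```python
# Added example: a minimal MAC reference monitor. A label is a sensitivity
# level plus a set of compartments. A subject may read an object only if its
# clearance dominates the object's label (no read up), and may write only if
# the object's label dominates its clearance (no write down). Constructed names.
from dataclasses import dataclass, field

LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP_SECRET": 3}


@dataclass(frozen=True)
class Label:
    level: str
    compartments: frozenset = field(default_factory=frozenset)

    def dominates(self, other: "Label") -> bool:
        """True if this level >= other's level and all of other's compartments are held."""
        return (LEVELS[self.level] >= LEVELS[other.level]
                and other.compartments <= self.compartments)


def mac_allows(subject: Label, obj: Label, op: str) -> bool:
    """Authorization rule consulted on every access; the labels alone decide."""
    if op == "read":
        return subject.dominates(obj)       # no read up
    if op == "write":
        return obj.dominates(subject)       # no write down
    raise ValueError(f"unknown operation: {op}")


# Constructed sample: an analyst cleared SECRET for the NUCLEAR compartment,
# and four objects with different labels.
ANALYST = Label("SECRET", frozenset({"NUCLEAR"}))
OBJECTS = {
    "/data/public.txt": Label("UNCLASSIFIED"),
    "/data/nuclear_report": Label("SECRET", frozenset({"NUCLEAR"})),
    "/data/crypto_report": Label("SECRET", frozenset({"CRYPTO"})),
    "/data/plans": Label("TOP_SECRET", frozenset({"NUCLEAR"})),
}


def check_all(subject: Label, op: str) -> dict:
    """Evaluate one operation against every object; returns {path: allowed}."""
    return {path: mac_allows(subject, lbl, op) for path, lbl in OBJECTS.items()}


if __name__ == "__main__":
    for op in ("read", "write"):
        for path, ok in check_all(ANALYST, op).items():
            print(f"{op:5} {path:22} -> {'allow' if ok else 'deny'}")
```

Note that the analyst can neither read the CRYPTO-compartment report nor the TOP_SECRET plans, yet may write (append) to the plans, since writing upward leaks nothing; no call in the subject's own code can change that outcome.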

More recently, with the advent of implementations such as SELinux (incorporated into Linux kernels from 2.6) and Mandatory Integrity Control (incorporated into Windows Vista and newer), MAC has started to become more mainstream and is evolving out of the MLS niche. These more recent MAC implementations have recognized that the narrow TCSEC definition, focused as it was on MLS, is too specific for general use. These implementations provide more depth and flexibility than earlier MLS-focused implementations, allowing (for example) administrators to focus on issues such as network attacks and malware without the rigor or constraints of MLS systems.
