Mandatory Access Control
As stated in , “in computer security, ‘mandatory access control (MAC)’ refers to a kind of access control defined by the National Computer Security Center’s Trusted Computer System Evaluation Criteria (TCSEC) as a means of restricting access to objects based on the sensitivity (as represented by a label) of the information contained in the objects and the formal authorization (i.e., clearance) of subjects to access information of such sensitivity.” With operating systems, the subjects are processes and objects are files. The goal is to ensure that when a subject accesses a file, no unauthorized information is leaked.
MAC Models: MAC models were developed initially for secure operating systems mainly in the 1970s and early 1980s, and started with the Bell and La Padula security model. This model has two properties: the simple security property and the *-property (pronounced the star property). The simple security property states that...
- 2.Bell D, LaPadula L. “Secure Computer Systems: Mathematical Foundations and Model,” M74-244. Bedford: The MITRE Corporation; 1973.Google Scholar
- 3.Goguen J, Meseguer J. Security policies and security models. In: Proceedings of the IEEE Symposium on Security and Privacy; 1982. p. 11–20.Google Scholar