Mandatory Access Control is a strict, centralized model where a system-wide authority enforces all permissions. Access is granted only when a user’s clearance meets or exceeds the resource’s classification level.

System decides all access rights, not users.
It is based on clearance (user) and classification (resource)
Highly secure and used in military/government systems
Prevents unauthorized information sharing

Types of Mandatory Access Control

1. Multilevel Security Systems

Uses a vertical hierarchy of security levels.

Users access data at or below their clearance
Prevents unauthorized access to higher classifications
Common in military and government systems

2. Multilateral Security Systems

Uses both vertical (classification) and horizontal (segments/domains) access controls.

Access is based on compartments, categories, or domains
More flexible than strict multilevel models
Used when data separation involves multiple dimensions

Key Characteristics

Here are the key characteristics of Mandatory Access Control (MAC):

1. Centralized Control

Access decisions in MAC are made entirely by the system, based on predefined policies. Users have no authority to grant, modify, or override access permissions.
Access control is managed exclusively by administrators or enforced through predefined security policies. Users have no ability to alter or delegate access rights.

2. Policy-Based Access

The access can be determined by formal security policies.
These policies are predefined, and they can apply uniformly across all users, processes, and resources, without expectation.

3. No User Discretion

The user have no access to change or share the permissions.
It prevents users from modifying, assigning, or delegating access rights, ensuring that all permissions are strictly governed by system-enforced security policies.

4. High Security Assurance

It provides strong protection against data leakage and unauthorized access.
It is commonly used in military, government, and critical infrastructure systems.

Working of Mandatory Access Control

Here is the working of Mandatory Access Control:

1. Access Request

When a user tries to access a resource, the system first initiates a privilege check.

This access attempt triggers the MAC system to evaluate two key components:

The user’s clearance level (subject)
The resource’s classification level (object)

2. User Privilege Level

Each user in a MAC-enforced system is assigned a clearance level based on their role or trust level. Examples include:

Employee
Supervisor
Manager
Administrator

These labels define how sensitive the resource is and who is allowed to access it.

3. Access Decision Process

The MAC system compares the user’s clearance level with the resource’s classification:

If the user's clearance level is equal to or higher than the classification of the resource then Access is granted
If the user's clearance level is lower than the classification of the resource then Access is denied

This ensures strict adherence to security policies and avoids unauthorized data exposure.

Practices for Implementing Mandatory Access Control

To effectively implement and maintain MAC in a secure environment, follow these best practices:

1. Define Clear Security Policies

Create precise, consistent policies
Define classification levels, access rules, and responsibilities
Include procedures for exceptions and policy violations

2. Classify Subjects and Resources with Labels

Assign correct security labels to users, files, and processes
Maintain consistent labeling to prevent accidental access issues

3. Use Proven MAC Models

SELinux: Policy-based, used in RHEL, Fedora, CentOS
AppArmor: Path-based, simpler, used in Ubuntu and Debian
TrustedBSD MAC Framework: Provides advanced MAC modules in FreeBSD

4. Regular Audits and Continuous Monitoring

Perform regular audits to ensure proper enforcement
Use tools (e.g., JIT automation tools) for real-time alerts and compliance reports
Identify unauthorized attempts and improve system security proactively

Mandatory Access Control