Monday, August 26, 2013
MAC
Mandatory access control (MAC) models do not leave access decisions up to the
data owner. Instead, the system compares the subject's clearance and need-to-know
to the object's classification and either grants or denies access. Every object has a
security label assigned to it, which includes classification information (top secret,
secret, etc.). In order to access an object, the subject's clearance level must be
equal to or greater than the object's classification. For example, if Dave has a
"top secret" clearance and an object has a "secret" classification, Dave's clearance
dominates the object's classification. But Dave cannot access all top-secret information
within his military branch; his access is also based on his need-to-know.
The second piece of a security label is referred to as categories, as shown in
Figure 2-5. Categories outline the groups that a subject must have a need-to-know
of before access to the object can be granted. If Dave has a need-to-know for
the object's categories (his own label's category set must include every category
on the object's label), and his clearance is equal to or dominates the object's
classification, he can access it.
Security labels are the core decision-making component in MAC environments;
they are assigned by system administrators or security officers and
should be changed only in a well-defined manner so the security policy is supported
and enforced. Systems that implement MAC models are used in highly
secured environments, such as military or government organizations.
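As an added example (not code from the original post), the decision described above implemented in Python: a label is a classification level plus a category set; a subject's clearance grants access only when its level is at least the object's and its category set covers every category on the object's label (the standard lattice dominance rule); and a label can be changed only by an actor holding an administrative role, never by the data owner. Dave, the category names, the object names and the role names are constructed sample data, not from the page.

```python
"""MAC access decision over security labels (classification + categories).

Added example, not code from the original post. The clearance order, the
category names and the subjects/objects below are constructed sample data.
"""
from dataclasses import dataclass, field
from enum import IntEnum


class Level(IntEnum):
    """Hierarchical classification levels, ordered from lowest to highest."""
    UNCLASSIFIED = 0
    CONFIDENTIAL = 1
    SECRET = 2
    TOP_SECRET = 3


@dataclass(frozen=True)
class Label:
    """A security label: one classification level plus a set of categories.

    The same structure describes a subject's clearance and an object's
    classification, so a single dominance rule compares them.
    """
    level: Level
    categories: frozenset = field(default_factory=frozenset)

    def dominates(self, other: "Label") -> bool:
        """Lattice dominance: level is >= AND categories are a superset.

        A superset is required, not one shared category: the subject must
        hold a need-to-know for every category on the object's label.
        """
        return self.level >= other.level and self.categories >= other.categories


def can_access(subject: Label, obj: Label) -> bool:
    """Grant access only if the subject's clearance dominates the object's label."""
    return subject.dominates(obj)


def explain(subject: Label, obj: Label) -> str:
    """Human-readable reason for a decision, useful when auditing denials."""
    if subject.level < obj.level:
        return f"deny: clearance {subject.level.name} is below {obj.level.name}"
    missing = obj.categories - subject.categories
    if missing:
        return f"deny: no need-to-know for {sorted(missing)}"
    return "grant"


# Labels are set by administrators or security officers, never by the data
# owner. A minimal label store enforces that with a role check on the actor.
ADMIN_ROLES = frozenset({"security_officer", "system_administrator"})


def try_relabel(actor_roles: frozenset, labels: dict, obj_name: str, new_label: Label) -> bool:
    """Change an object's label only when the actor holds an administrative role.

    Returns True if the label was changed, False if the request was refused.
    """
    if not actor_roles & ADMIN_ROLES:
        return False
    labels[obj_name] = new_label
    return True


# Constructed sample data: Dave holds a top secret clearance with a
# need-to-know for the NUCLEAR category only.
DAVE = Label(Level.TOP_SECRET, frozenset({"NUCLEAR"}))
OBJECTS = {
    "reactor_plan": Label(Level.SECRET, frozenset({"NUCLEAR"})),
    "key_schedule": Label(Level.TOP_SECRET, frozenset({"NUCLEAR", "CRYPTO"})),
    "site_memo": Label(Level.CONFIDENTIAL, frozenset({"CRYPTO"})),
    "newsletter": Label(Level.UNCLASSIFIED),
}


def decisions(subject: Label = DAVE, objects: dict = OBJECTS) -> dict:
    """Evaluate every object for the subject; returns {name: reason}."""
    return {name: explain(subject, label) for name, label in objects.items()}


if __name__ == "__main__":
    for name, reason in decisions().items():
        print(f"{name:13s} {reason}")
    # The owner of site_memo cannot change its label; a security officer can.
    print(try_relabel(frozenset({"owner"}), OBJECTS, "site_memo", Label(Level.SECRET)))
    print(try_relabel(frozenset({"security_officer"}), OBJECTS, "site_memo", Label(Level.SECRET)))
```

Note the site_memo case: Dave's top secret clearance is well above "confidential", yet he is denied because he lacks the CRYPTO category. Clearance alone never decides; both halves of the label must dominate.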