Synonyms
Definition
Mandatory access control (MAC) is a security policy that encapsulates confidentiality of an object in the realm of computer security. This policy goes beyond the control of the owner of an object and is defined as a control policy set up by a central authority who can determine what information can be accessed by whom [1]. This is in contrast with discretionary access control (DAC) where the owner is empowered with the setting of access control on an object. More formally, MAC is a “means of restricting access to objects based on the sensitivity (as represented by a security label) of the information contained in the objects and the formal authorization (i.e.,...
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Recommended Reading
Pfleeger CP, Pfleeger SL (2007) Security in computing, 4th edn. Prentice Hall, Upper Saddle River
Committee of National Security Systems (2001) National information assurance (IA) Glossary, CNSS Instruction No. 4009, 26 April 2001
Department of Defense (1985) Trusted computer system evaluation criteria, DOD 5200.28-STD, December 1985
Bell DE, La Padula LJ (1976) Secure computer system: unified exposition and MULTICS, Technical Report ESD-TR-75–306, The MITRE Corporation, Bedford
Fraim LJ (1983) SCOMP: a solution to the multilevel security problem. IEEE Comput 16(7):26–34
National Computer Security Center (1991) Final evaluation report: Boeing space and defense group, MLS LAN Secure Network Server System, 28 August 1991
Weissman C (1992) BLACKER: security for the DDN, examples of A1 security engineering trades. In: Proceedings of the IEEE symposium on security and privacy, Oakland, pp 286–292
Committee on Computer-Computer Communication Protocols (1985) Transport protocols for department of defense data networks. National Academies Press, Washington, DC
Bauer M (2006) An introduction to Novell AppArmor. Linux J, (148):36, 38, 40–41, August 2006
McCarty B (2004) SELINUX: NSA’s open source security enhanced Linux. O’Reilly Media, Sebastopol
Ray I, Kumar M (2006) Towards a location-based mandatory access control model. Comput Secur 25(1):36–44
Jafarian JH, Amini M, Jalili R (2009) A dynamic mandatory access control model. In: Sarbazi-Azad H, Parhami B, Miremadi S-G, Hessabi S (eds) Advances in computer science and engineering. Springer, Berlin Heidelberg, pp 862–866
Li N, Mao Z, Chen H (2009) Usable mandatory access control for operating systems. In: Raghav Rao H, Upadhyaya S (eds) Information assurance, security and privacy services. Emerald, Bingley
Bishop M (2005) Introduction to computer security. Addison Wesley Professional, Reading
Trusted Solaris 8 Operating Environment, White Paper (2000) Sun Microsystems, Palo Alto
FreeBSD handbook, FreeBSD Documentation Project (2000)
HP-UX Trusted Computing Services Administrator’s Guide (2007) HP Part Number: 5991–7466
Legacy MLS/Trusted Systems and SELinux – Concepts and Comparisons to Simplify Migration and Adoption (2006) Hewlett-Packard White Paper 4AA1–0827ENW
Ferraiolo DF, Kuhn DR, Chandramouli R (2003) Role-based access control. Artech House, Boston and London
Decker M (2008) Requirements for a location-based access control model. In: Proceedings of the 6th international conference on advances in mobile computing & multimedia (MoMM2008), Linz, Austria, November 2008
Wright C, Cowan C, Smalley S, Morris J, Kroah-Hartman G (2002) Linux security modules. In: 11th Ottawa Linux symposium, Ottawa
Smalley S, Vance C, Salamon W (2001) Implementing SELinux as a Linux security module. Technical Report 01-43, NAI Labs
Ferraiolo DF, Sandhu R, Gavrila S, Kuhn DR, Chandramouli R (2001) Proposed NIST standard for role-based access control. ACM Trans Inf Syst Secur 4:224–274
Shankar U, Jaeger T, Sailer R (2006) Toward automated information-flow integrity verification for security-critical applications. In: Proceedings of the network and distributed systems security symposium, San Diego, February 2006, pp 267–280
Hicks B, Rueda S, Jaeger T, McDaniel P (2007) From trusted to secure: building and executing applications that enforce systems security. In: Proceedings of the 2007 USENIX annual technical conference, Santa Clara, May 2007, pp 205–218
St. Clair L, Schiffman J, Jaeger T, McDaniel P (2007) Establishing and sustaining system integrity via root of trust installation. In: Proceedings of the 2007 annual computer security applications conference, Miami Beach, December 2007, pp 19–29
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer Science+Business Media, LLC
About this entry
Cite this entry
Upadhyaya, S. (2011). Mandatory Access Control. In: van Tilborg, H.C.A., Jajodia, S. (eds) Encyclopedia of Cryptography and Security. Springer, Boston, MA. https://doi.org/10.1007/978-1-4419-5906-5_784
Download citation
DOI: https://doi.org/10.1007/978-1-4419-5906-5_784
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4419-5905-8
Online ISBN: 978-1-4419-5906-5
eBook Packages: Computer ScienceReference Module Computer Science and Engineering