MANDATORY ACCESS CONTROL MAC: How It Works

Access control is a security measure that can be used to prevent unauthorized access to sensitive data. But how does mandatory access control (MAC) contribute to security? Read on to find out.

What Is Access Control?

Users frequently come into contact with resources and assets that they should or should not have access to as they explore physical and digital networks. This is especially true in digital systems, where lateral migration to separate storage, application, or processing locations can expose the entire infrastructure to hazardous security threats.

To keep assets and resources separate, security managers utilize “access controls,” which define who has access to certain resources.

Once a user has been authenticated and authorized to enter a system using a user account or identity, an access control system establishes restrictions that govern who, when, where, and, in some cases, how that user can browse the system.

While on the surface, this notion appears straightforward, there are various different access control schemas that assist secure resources against unauthorized access, but we will focus on one here – mandatory access control.

What Is Mandatory Access Control MAC?

Mandatory access control (MAC) is an access control model in which the operating system grants access to users depending on data confidentiality and user clearance levels. Access is granted on a need-to-know basis in this model: users must demonstrate a need for information before receiving access.

Mandatory access control MAC is also known as a non-discretionary control model, which means that control is not granted at the user’s or file owner’s discretion. MAC’s control mechanisms adhere to zero-trust principles.

MAC is regarded as the most secure access control model. In this model, access rules are specified manually by system administrators and rigidly enforced by the operating system or security kernel. Even for data, they’ve developed, regular users can’t change the security properties.

What Are the Fundamental Concepts of Mandatory Access Control MAC?

1. The privacy and confidentiality of the organization’s resources are of the utmost importance. No one has default access or editing privileges to someone else’s data.
2. Access provisioning is managed centrally.
3. Security labels with classification and category are assigned to each human and resource in the system.

The procedure for acquiring access with MAC is as follows:

1. The administrator configures access restrictions and establishes security parameters such as confidentiality levels and clearances for different projects and resource types.
2. Each subject (user or resource that accesses data) and object (file, database, port, etc.) is given a set of attributes by the administrator.
3. When a subject attempts to access an object, the operating system evaluates the subject’s security attributes and determines whether or not access is permitted.
4. The user enters their credentials to gain access to the item.

Operating systems pay attention to category matches between subject and object in addition to assessing confidentiality and clearance levels (classification matches between subject and object). If a user is not a member of the required category for the object, having a “top secret” classification does not automatically grant them complete access to a file.

Consider data with the “top secret” secrecy level and the “engineering project” security classification. It is only accessible to users who have both “top secret” clearance (classification) and permission to access engineering documents (category). These users can also gain access to material that requires a lesser level of security clearance. Employees with lesser levels of clearance or no access to engineering documents, on the other hand, cannot access such information.

A cybersecurity system benefits greatly from MAC. However, there are numerous drawbacks to consider. Consider the advantages and cons of mandatory access control.

MAC’s Pros and Cons

Pros

• High level of data security – Access to objects is defined by an administrator, and users cannot change that access.
• Granularity — An administrator manually configures user access permissions and object access parameters.
• Immunity to Trojan Horse Attacks – Users cannot declassify or provide access to classified material, making them immune to Trojan Horse assaults.
• Fewer errors – Strict and regularly monitored policies aid in the reduction of system errors that result in over-privileged users.
• Strict division – Admins divide users into subsets and utilize security attributes to limit resource exposure for these groupings.

Cons

• Maintainability – Manually configuring security levels and clearances necessitates administrators’ ongoing attention.
• Scalability – MAC does not automatically scale. New users and data require frequent adjustments to objects and account configurations.
• Interference with users’ work – Users must request access to each new piece of data they encounter; they cannot define access parameters for their own data.

When Should You Use a Mandatory Access Control MAC?

This access control model is mostly employed by government agencies, militaries, and law enforcement agencies. The US government employs MAC to secure secret information as well as to support tiered security policies and applications. In the insurance and banking industries, MAC is used to control access to customer account data for greater data protection and compliance. This non-discretionary access control model can also safeguard access to a database, where the objects are procedures, tables, views, and other features.

It makes sense to employ MAC in firms that prioritize data security over operational flexibility and expenses. Because of the system’s complexity and inflexibility, MAC implementation in a private organization is uncommon.

A pure MAC model provides granular and high-level security. However, it is tough to set up and manage. As a result, MAC is frequently combined with other access control schemes.

Combining it, for example, with the role-based model expedites the creation of user profiles. An administrator can construct user roles instead of defining access rights for each individual user. Users with comparable roles and access rights exist in every organization: workers with the same job title, third-party vendors, and so on. Instead of building individual user profiles from scratch, an administrator can configure roles for these groups.

Another frequent pairing is MAC with the discretionary access control model, abbreviated as DAC. MAC protects sensitive data, whereas DAC allows coworkers to share information within a corporate file system.

Other Access Control Methods

#1. Rules-Based Access Control

This method assigns permissions to users based on a predefined set of rules and policies. These rules establish a “context” from which resource access can be obtained. These restrictions are outlined in an Access Control List (ACL) that is attached to an “object” (the resource, whether it is processing permissions, data, account access, or something else).

Some examples of rule-based access include limiting system access to specific times of day or locations (for example, limiting access to devices at or near an office location).

#2. Roles-Based Access Control

Role-based access is a method in which an organization’s user roles define access permissions. The organization will have a well-defined organizational hierarchy as well as a clearly defined set of permissions depending on responsibilities within that hierarchy. Any user who is assigned to a role will be granted the permissions associated with that role.

Role-based access is extremely prevalent. Role-based permissions are most commonly found in multi-user systems. A public-facing service provider (such as an email or cloud service provider) may have multiple categories of accounts (users, VIP users, administrators, moderators, and so on), each with its own example of permissions and access controls. To allow for a shared environment, a role-based system would restrict who can access what within the system.

#3. Attribute-Based Access Control

Attribute-based systems are more granular than both role-based and rule-based systems. Rather than looking at a list of rules associated with resources (as in rule systems) or roles (as in role systems), attribute-based systems can extract dynamic information from user accounts to create more fluid and responsive access systems.

Assume a corporation deals with classified examples. Individual users might thus be designated for access to SECRET data—this would be an attribute of the person, not a role or a resource.

These techniques to access control are not mutually exclusive. For example, attribute- and role-based systems can be used to fine-tune the system and data security.

#4. Discretionary Access Control

Discretionary Access Control (DAC), on the other hand, allows customers and business end-users additional control over their access controls. While a security administrator may create roles and permissions throughout the system, the user may override such permissions to provide access to certain users who should have access based on their business credentials.

This strategy can provide some flexibility in terms of how a company grants people to access. When local business administrators neglect to update or configure their local permissions, it introduces possible vulnerabilities. As a result, DAC is a high-maintenance technology that, while adaptable, requires constant maintenance.

What Is the Difference Between Mandatory and Discretionary Access Control?

The MAC and DAC are polarized. While various access control methods can coexist in some ways, it’s difficult (if not impossible) to successfully field both DAC and MAC without stomping on each other.

Having said that, these incompatibilities are caused in part by the disparities between the two techniques. Mandatory and discretionary differ in several important ways:

• Protection: When applied correctly, mandatory discretion provides more reliable and predictable protection. Discretionary access control can give an organization with important flexibility, but it can also present possible conflicts between individual and organization-wide permissions.
• User Control: Additionally, mandatory restrictions aren’t extremely flexible outside of their schema, and for good reason—to solve organizational security challenges connected to access. However, there are genuine situations in which employees in an organization should be granted access to specific resources even if their position or user attributes do not permit it.
• Maintainability: Typically, mandatory access controls are developed from the top down and centrally planned. That is, they can support robust authorization throughout a system, with security and regulatory requirements implemented in a single location.

On the other side, DAC can get complicated if an end-user implements local access control carelessly or fails to update their permissions list when staff depart or are terminated.

Conclusion

Mandatory access control (MAC) is a security method that limits individual resource owners’ ability to give or prohibit access to file system resource objects. The system administrator defines the MAC requirements, which are rigidly enforced by the operating system (OS) or security kernel and cannot be changed by end users.

Mandatory access control, which is commonly used in government and military installations, operates by assigning a classification label to each file system item. There are three levels of classification: confidential, secret, and top secret. Each user and device on the system is classified and cleared at the same level. When a person or device attempts to access a certain resource, the operating system or security kernel checks the entity’s credentials to determine whether or not access is authorized. While it is the most secure access control option available, MAC necessitates careful planning and regular monitoring to ensure that all resource objects and users are classified correctly.

MAC is the highest degree of access control, as opposed to lower-level discretionary access control (DAC), which allows individual resource owners to create their own rules and impose security constraints.

Mandatory Access Control FAQs

What is difference between MAC and DAC?

The use of DAC is less secure. The use of MAC is more secure. The owner of DAC can define access and privileges, as well as restrict resources, based on the identity of the users. In MAC, the system only assesses access, and resources are restricted based on the individuals’ clearance.

Does Windows use MAC or DAC?

Most operating systems, including all versions of Windows, Linux, and Macintosh, as well as most varieties of Unix, are based on DAC models.

What is DAC model?

Discretionary access control (DAC) is a model of access control in which access is determined by the resource’s owner. The resource’s owner has control over who has access and who does not, as well as what kind of access they have.

Related Articles

• DISCRETIONARY ACCESS CONTROL: Definition and Examples
• Active Directory Management Tools: What It Is and All You Need to Know About It
• Discretionary Investment Management: Overview, Advantages, and Risk
• DISCRETIONARY INCOME DEFINITION: What It Is, Difference, and Examples
• School Management Software: Top Picks In 2022

References

• TechTarget
• IBM.com
• ScienceDirect