Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Skip to main content
Springer Nature Link
Log in

Mandatory Access Control Policy (MAC)

  • Reference work entry
Encyclopedia of Cryptography and Security

  • 199 Accesses

Related Concepts

Access Control Policies, Models, and Mechanisms; Mandatory Access Control

Definition

Mandatory access control policies (MACs) control access based on mandated regulations determined by a central authority.

Theory

With a mandatory access control policy, access decisions are made by a central authority [1]. The most common form of mandatory policy is the multilevel security policy , based on the classifications of subjects and objects in the system. Objects are passive entities storing information. Subjects are active entities that request access to the objects. Note that there is a distinction between subjects of the mandatory policy and the authorization subjects considered in the discretionary policies. While authorization subjects typically correspond to users (or groups thereof), mandatory policies make a distinction between users and subjects. Users are human beings who can access the system, while subjects are processes (i.e., programs in execution) operating on...

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 799.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Recommended Reading

  1. Samarati P, De Capitani di Vimercati S (2001) Access control: policies, models, and mechanisms. In: Focardi R, Gorrieri R (eds) Foundations of Security Analysis and Design, LNCS, vol 2171. Springer, Heidelberg

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Dipartimento di Tecnologie dell’Informazione (DTI), Università degli Studi di Milano, Via Bramante 65, 26013, Crema (CR), Italy

    Sabrina De Capitani di Vimercati Prof. & Pierangela Samarati

Authors
  1. Sabrina De Capitani di Vimercati Prof.
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Pierangela Samarati
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Mathematics and Computing Science, Eindhoven University of Technology, 5600 MB, Eindhoven, The Netherlands

    Henk C. A. van Tilborg

  2. Center for Secure Information Systems, George Mason University, Fairfax, VA, 22030-4422, USA

    Sushil Jajodia

Rights and permissions

Reprints and permissions

Copyright information

© 2011 Springer Science+Business Media, LLC

About this entry

Cite this entry

De Capitani di Vimercati, S., Samarati, P. (2011). Mandatory Access Control Policy (MAC). In: van Tilborg, H.C.A., Jajodia, S. (eds) Encyclopedia of Cryptography and Security. Springer, Boston, MA. https://doi.org/10.1007/978-1-4419-5906-5_822

Download citation

Publish with us

Policies and ethics

Search

Navigation