August 2009
Intermediate to advanced
893 pages
26h 48m
English
Content preview from Database Systems: Concepts, Design and Applications
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
14.4. Mandatory Access Control
Mandatory access control (also called security scheme) is based on system-wide policies that cannot be changed by individual users. It is used to enforce multi-level security by classifying the data and users into various security classes or levels and then implementing the appropriate security policy of the organisation. Thus, in this scheme each data object is labelled with a certain classification level and each user is given a certain clearance level. A given data object can then be accessed only by users with the appropriate clearance of a particular classification level. Thus, a mandatory access control technique classifies data and users based on security classes such as top secret (TS), secret (S), confidential ...