14.4. Mandatory Access Control

Mandatory access control (also called security scheme) is based on system-wide policies that cannot be changed by individual users. It is used to enforce multi-level security by classifying the data and users into various security classes or levels and then implementing the appropriate security policy of the organisation. Thus, in this scheme each data object is labelled with a certain classification level and each user is given a certain clearance level. A given data object can then be accessed only by users with the appropriate clearance of a particular classification level. Thus, a mandatory access control technique classifies data and users based on security classes such as top secret (TS), secret (S), confidential ...

Get Database Systems: Concepts, Design and Applications now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.