We are independent & ad-supported. We may earn a commission for purchases made through our links.
Advertiser Disclosure
Our website is an independent, advertising-supported platform. We provide our content free of charge to our readers, and to keep it that way, we rely on revenue generated through advertisements and affiliate partnerships. This means that when you click on certain links on our site and make a purchase, we may earn a commission. Learn more.
How We Make Money
We sustain our operations through affiliate commissions and advertising. If you click on an affiliate link and make a purchase, we may receive a commission from the merchant at no additional cost to you. We also display advertisements on our website, which help generate revenue to support our work and keep our content free for readers. Our editorial team operates independently of our advertising and affiliate partnerships to ensure that our content remains unbiased and focused on providing you with the best information and recommendations based on thorough research and honest evaluations. To remain transparent, we’ve provided a list of our current affiliate partners here.
Security

Our Promise to you

Founded in 2002, our company has been a trusted resource for readers seeking informative and engaging content. Our dedication to quality remains unwavering—and will never change. We follow a strict editorial policy, ensuring that our content is authored by highly qualified professionals and edited by subject matter experts. This guarantees that everything we publish is objective, accurate, and trustworthy.

Over the years, we've refined our approach to cover a wide range of topics, providing readers with reliable and practical advice to enhance their knowledge and skills. That's why millions of readers turn to us each year. Join us in celebrating the joy of learning, guided by standards you can trust.

What Is Mandatory Access Control?

Mary McMahon
By
Updated: May 16, 2024
Views: 7,513
Share

Mandatory access control (MAC) is an approach to system security where an administrator sets access controls and the system enforces them, without allowing users to override security settings. This can be a more aggressive way to control access to a system and may be used in situations where computers contain confidential or potentially compromising data. The system decides which users, processes, and devices should have access to which areas, and enforces this across the board.

A system administrator can use preset mandatory access control guidelines based on user profiles, and can also add measures into the system. This allows administrators to fine-tune access within a system. Once these settings are implemented, only the administrator can override them. The system cannot grant access to an entity without the proper clearance, even if it attempts to override the setting. This covers not just computer users but also any devices and processes connected to the system.

This contrasts with another approach, known as discretionary access control. In this model, users can override security settings; for example, a user could tell a directory to show all hidden files, and it would have to do so. This is less secure, as users get to decide how much access they should have. If they encounter access barriers, they can simply work around them, rather than being repelled from an area where they should not be, as under mandatory access control.

For a high security system, mandatory access control is very important. Such systems rely on controls to maintain the security and confidentiality of information. Government agencies, financial companies, and other organizations that maintain complex and personal data must keep it secure. Sometimes this is mandated under law, and these organizations need to be able to provide proof of access controls and other measures to protect their data when asked to do so by inspectors and auditors.

In other settings, mandatory access control may not be required, but it can be helpful. Administrators can use it to keep users out of locations where they do not need to be, and to prevent issues like inadvertent settings changes made by users who are not knowledgeable about the computer system. In a situation where multiple people use a single computer terminal, mandatory access control can prevent unauthorized activities. It can also limit opportunities to send data to peripheral devices or processes in an attempt to work around security measures.

Share
EasyTechJunkie is dedicated to providing accurate and trustworthy information. We carefully select reputable sources and employ a rigorous fact-checking process to maintain the highest standards. To learn more about our commitment to accuracy, read our editorial process.
Mary McMahon
By Mary McMahon

Ever since she began contributing to the site several years ago, Mary has embraced the exciting challenge of being a EasyTechJunkie researcher and writer. Mary has a liberal arts degree from Goddard College and spends her free time reading, cooking, and exploring the great outdoors.

Discussion Comments
Mary McMahon
Mary McMahon

Ever since she began contributing to the site several years ago, Mary has embraced the exciting challenge of being a...

Learn more
Share
https://www.easytechjunkie.com/what-is-mandatory-access-control.htm
Copy this link
EasyTechJunkie, in your inbox

Our latest articles, guides, and more, delivered daily.

EasyTechJunkie, in your inbox

Our latest articles, guides, and more, delivered daily.