Setting Up Mandatory Access Control Method

The mandatory access control method is used to grant permissions at DBMS level and is based on assigning system objects and subjects with a security level. Object security levels determine access to stored information: the lower is the level, the higher is the security. Subject security levels determine access to information.

NOTE. The mandatory access control method can be used together with the discretionary access control method.

When the mandatory access control is used, all the information stored in the system is divided into categories. Each category can contain any number of security levels. The levels are comparable if they belong to the same information category. All security levels have different criticality labels. The lower is the label value, the higher is the security degree of the level.

Categories can be of two types:

To use mandatory access control method:

  1. Select the Use Mandatory Access Control checkbox on the Access Control tab of the policies editor.

  2. Create user accounts and groups of users.

  3. Add security categories and levels.

  4. Set security levels for subjects and objects.

Access Control Mechanisms

Mandatory access control determines only the possibility to read and modify objects; permissions to delete objects are not determined by mandatory access control. In this context, editing objects means changing their contents or access permissions.

A subject can read an object:

A subject gets write permissions:

A subject gets read and write permissions if object and user criticality labels match.

When there are several information categories with different security levels, these rules must be satisfied for each category for the user to get permissions to read or edit the information.

The specific level with the security label 0 means that the user is denied to read and write information. A user with this level has no access to any repository object. If this level is assigned to an object, none of the users can have access to it.

Example

Suppose, there are several security levels for a hierarchical category:

0. Access denied.

1. Restricted access.

2. Limited access.

3. Public access (general use).

And there are three users with the security levels:

User1. Restricted access (1).

User2. Limited access (2).

User3. Public access (3).

Therefore, the structure of the system can be shown as the chart:

The circles represent security levels with corresponding criticality labels.

Labels:

Thus, in this system:

All users cannot access objects with the 0 - Access Denied security level.

See also:

Selecting Access Control Methods and Their Setup | Adding Security Categories and Levels