MANDATORY ACCESS

CONTROL
DBMS
PRESENTED BY -
NEHA ADEPU - 01
PRIYA AGRAHARI -02
JANHAVI ASKAR -03
What is Database
Security ?

Database security refers to the process of

protecting and safeguards the database
from unauthorized access or cyber-attacks.
In database management systems (DBMS),
flow control, access control, and inference
control are three key components of security:

flow control - we control information

flows in frame of DBMS
inference control - control of
dependencies among data
access control - access to the
information in DBMS is restricted
ACCESS CONTROL
Access control is responsible for control of rules
determined by security policies for all direct accesses to
the system.
Traditional control systems work with notions subject,
object and operation. For a better image look at the figure
of secure DBMS.
Database access control is a method of allowing access to
company’s sensitive data only to those people (database
users) who are allowed to access such data and to restrict
access to unauthorized persons. It includes two main
components: authentication and authorization.
Types of Access Control

Mandatory Access Control (MAC).

Discretionary Access Control (DAC).
Role-Based Access Control (RBAC).
Attribute Based Access Control (ABAC).
MANDATORY ACCESS CONTROL

Mandatory Access Control (MAC) is a pre defined set of

capabilities and access to information

Inflexible and rigid

Most secure model
Must be carefully throughout and planning ahead
of time
Easy to spot breaches and deviations
.
What are the basic principles of MAC?

1. The utmost privacy and confidentiality of the organization’s

resources are paramount. No one has default privileges to
access or edit someone’s data.
2. Access provisioning is centrally administered.
3. Each individual and resource in the system has security labels
with their classification and category.
IMPORTANCE OF MAC..

MAC protocol is an essential tool for controlling data access. It is frequently

employed to secure information (private, sensitive, confidential, or
restricted data) that might cause harm to the company in case of a cyber
attack or data loss.
Here are several examples:
Operational technology.
Blueprints.
Partnership or merger and acquisition planning.
Intellectual property.
Financial details and transactions.
Medical data.
Customer data.
WORKING OF MAC

Security Labels
Access Control
Policies
Access Decision
Enforcement

Figure : Examples of labels/MAC

Mandatory Access Control (MAC) is a security model that restricts access to
resources based on the rules set by a system administrator or a security policy.
Here are the pros and cons of using Mandatory Access Control:

Pros:
Strong Security: MAC provides a high level of security by enforcing strict
access controls based on predefined security policies. This helps protect
sensitive data and resources from unauthorized access.

Centralized Management: MAC allows for centralized management of

access controls, making it easier for administrators to define and enforce
security policies across the entire system or network.

Reduced Risk of Data Breaches: By limiting access to resources according

to predefined rules, MAC reduces the risk of data breaches and insider
threats, as users cannot override or bypass access controls without proper
authorization.
Cons:
1. Complexity: Implementing and managing Mandatory Access Control can
be complex and requires a deep understanding of security policies and
access controls. It may require significant resources and expertise to
configure and maintain properly.
2. Lack of Flexibility: MAC systems are typically rigid and may not easily
accommodate changes in access requirements or user permissions. This
lack of flexibility can be challenging for organizations with dynamic
environments or evolving security needs.
3. Administrative Overhead: Enforcing strict access controls through MAC can
result in increased administrative overhead, as administrators need to
regularly review and update security policies to ensure they remain
effective and relevant.
4. Potential for Overly Restrictive Policies: If security policies are too restrictive,
they can impede productivity and hinder legitimate access to resources.
Finding the right balance between security and usability can be
challenging.
REFERENCES

1. https://www.ekransystem.com/en/blog/mac-vs-
dac#:~:text=Mandatory%20access%20control%20(MAC)%20is,for%20i
nformation%20before%20gaining%20access
2. https://research.aimultiple.com/mandatory-access-control/
Thank you