HomeIdentity Security Encyclopedia › Mandatory Access Control

Mandatory Access Control

MAC

MAC is a strict access control model where access decisions are made by a central policy authority based on security labels and classifications — users cannot override or modify these controls.

IAM Access Control Model

❓ What is Mandatory Access Control?

MAC is a strict access control model where access decisions are made by a central policy authority based on security labels and classifications — users cannot override or modify these controls.

⚙️ How Does It Work?

Every resource is labeled with a security classification (Top Secret, Secret, Confidential). Every user has a clearance level. The system enforces access only to resources at or below the clearance level.

📍 Where Is It Used?

Government, military, intelligence agencies, classified systems — anywhere strict information compartmentalization is required.

💡 Real-World Example

A defense contractor's document system uses MAC. A Secret clearance analyst cannot open Top Secret documents even if she knows they exist. The OS enforces this without any possibility of override.

🔗 Related Terms

DAC RBAC Access Control IAM Compliance
← Least PrivilegeMulti-Factor Authentication →

Stay Ahead in Identity Security

Get weekly IAM, PAM & IGA insights delivered to your inbox via Identity Pulse.

Subscribe to Identity Pulse →
Scroll to top