In general terms, mandatory security policy represents any security policy that is defined strictly by system security policy administrator along with any policy attributes associated [23]. Mandatory security policy can be divided into subpolicies, all mandatory by their nature, demonstrating the recursive nature of the definition.
Mandatory Access Control (MAC) can be viewed as a subpolicy of mandatory security policy as well as the mandatory security policy as a whole if no other mandatory policies are implemented in the system. MAC policy specifies how certain subjects can access operating system objects and services [23]. There are two fundamental implications of the MAC approach [23]:
Since the inception of MAC numerous mechanisms of implementing it have been researched, some of which are: type enforcement and domain type enforcement [22,24], role based access control [11], SubDomains [9], capabilities [5,18,19,32] etc. Several attempts were even made at providing MAC through DAC [23] but they failed due to complexity incurred. Standards like IEEE POSIX 1003.6 were also developed to support MAC.