Mandatory access control and role-based access control revisited

Abstract

In this paper we reexamine the interaction between role-based access control and mandatory access control. We examine the question: from the perspect,ive of a given role graph in which the objects have been assigned security classifications, can its roles be assigned to subjects without violating mandai.ory access control rules? A detailed study of the structure of individual roles and edges in a role graph is undertaken. We show that the combinai,ion of the structure imposed by the role graphs and the MAC rules means that the possible structure of a role graph in which roles are assignable to subjects without violating MAC rules is greatly restricted.