MAC

            Mandatory access control systems are rarely found outside of
            military and intelligence networks. MAC systems are very
            expensive to set up and maintain and require substantial physical
            and procedural controls.

            A MAC system still requires the consent of the asset owner to
            grant permissions, but the second level of access controls based
            on labels also must be satisfied, or access will not be granted.
            The labels are based on the classification of the object (set by
            the object owner) and the clearance of the user (usually set by a
            security administrator). This supports the separation of duties
            and is a check and balance to ensure that access would not be
            granted in error or in violation of policy by the owner of the
            system.

            The principles of MAC and DAC were outlined in the old
            Orange Book (TCSEC) that set out the criteria for evaluating the
            security of information systems.



            Attacks on Access Control Systems
            Every system must be built with the expectation that it will be
            attacked. This especially applies to access control systems since
            they manage access to most systems and provide the point of an
            attack for an unauthorized user attempting to gain access. There
            are many types of attacks - from password cracking to physical
            penetration, and from low-level social engineering to highly
            technical advanced persistent threats (APTs).