Implementation of Mandatory Access Control using Staff Levels

Abstract

Database security is the system, processes, and procedures that protect a database from unintended activity. There are two type of database security, description access control (DAC) and Mandatory Access Control (MAC) also called multi level security (MLS). This system provides a realization of mandatory access control in an existing role-based security system by labeling all users with clearances and all other data objects with classifications. The proposed system is intended to provide right access control based on user’s roles that are assigned according to the enterprise’s policy decision. In the system, the administrator can access all data and can make all transactions of the whole system and the data occupation of the respective level. The system users have project manager (level-4), assistant manager (level-3), team leader (level-2) and developer (level-1).These levels are defined by the system administrator. User who own right access account can manage data from Database Server.