Applying information security to a whole system is becoming very difficult because the software ecosystem is growing more and more complex. Nowadays it is rare to build a machine's software stack from in-house software alone; it is common to combine open-source software, commercial software and in-house solutions, all produced with very different know-how and skills in secure development and design. As a consequence, a single failure in design, development, deployment or maintenance may introduce a security breach. Additionally, software vulnerabilities are more and more highlighted at the application level, on the client side (Flash plug-in, Acrobat Reader, Internet browsers, smartphone apps) as well as on the server side (machine virtualization, application servers (PHP, Java, .Net), Web middleware, databases).
For a long time, Discretionary Access Control (DAC) has been used. This approach is user- or role-based, which is why, if an attacker gains root/admin access, the overall access control becomes useless. To cope with this problem, Mandatory Access Control (MAC) was designed. Mandatory Access Control is a security approach that enforces operating system authorization by forcing access requests to be checked. The check is made against a security policy that is independent of system users.
One MAC implementation, SELinux, can be applied at system level to enforce security policies regardless of the user identity. Even an illegitimate “root” can be blocked by MAC. Windows Vista and Seven now include MAC by default, and administration tasks must be explicitly defined or approved.
However, this type of access control is not effective for ensuring security inside virtual machines, for example Java Virtual Machines (JVM). The JVM process is like a black box to the system, which is why it is often impossible for the system to distinguish between malicious and legitimate activities in the JVM. Java Authentication and Authorization Service (JAAS) is classically used for ensuring security in the JVM, but this security mechanism is not mandatory and is only a perimeter protection between the JVM and the system.
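The three points above (root defeats DAC, MAC still blocks an illegitimate root, and the system cannot tell legitimate from malicious code inside one JVM) can be seen in a toy reference monitor. This is an added illustration, not SELinux or JAAS code; every uid, path, domain label and policy rule in it is constructed for the example.

```python
# Toy reference monitor; all users, paths, labels and rules are constructed.
from dataclasses import dataclass

@dataclass(frozen=True)
class Process:
    uid: int       # user identity, the only thing DAC looks at
    domain: str    # MAC security context, assigned by policy, not by the user
    code: str      # which code is really running (invisible to the OS)

@dataclass(frozen=True)
class File:
    path: str
    owner: int
    mode: int      # owner/other permission bits, e.g. 0o600
    ftype: str     # MAC label of the object

PERM_BIT = {"read": 4, "write": 2}

def dac_allows(p, f, perm):
    """Discretionary check: identity based, and uid 0 bypasses everything."""
    if p.uid == 0:
        return True
    bits = (f.mode >> 6) & 7 if p.uid == f.owner else f.mode & 7
    return bool(bits & PERM_BIT[perm])

# Mandatory policy: (subject domain, object type, permission) triples.
# Anything not listed is denied, whatever the uid.
MAC_POLICY = {
    ("httpd_t", "web_content_t", "read"),
    ("jvm_t", "app_data_t", "read"),
    ("jvm_t", "app_data_t", "write"),
}

def mac_allows(p, f, perm):
    """Mandatory check: p.uid and p.code are never consulted."""
    return (p.domain, f.ftype, perm) in MAC_POLICY

def access(p, f, perm):
    """Both layers must agree, as on a MAC-enabled system."""
    return dac_allows(p, f, perm) and mac_allows(p, f, perm)

SHADOW = File("/etc/shadow", owner=0, mode=0o600, ftype="shadow_t")
APPDATA = File("/srv/app/db", owner=1001, mode=0o600, ftype="app_data_t")
# A web server process taken over by an attacker who obtained uid 0.
hijacked_root = Process(uid=0, domain="httpd_t", code="attacker shell")
# Two pieces of Java code in the same JVM process: same uid, same domain.
legit_servlet = Process(uid=1001, domain="jvm_t", code="billing servlet")
rogue_plugin = Process(uid=1001, domain="jvm_t", code="malicious plugin")
```

Because `mac_allows` never sees the `code` field, `legit_servlet` and `rogue_plugin` always receive the same decision, which is the black-box limitation described for the JVM.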