Type enforcement
Under Type Enforcement is defined as a form of implementation of a MAC system's. When defining the access rules, it is not the resources to be protected themselves that are specified , but a type that has been assigned to them.
example
Under SELinux , a group of files to be protected can be assigned a type. For example, you can assign the type var_mqueue_t to all files that are in the mail spool .
If you want to allow a mail server to access these files, you only have to specify the type var_mqueue_t in the access rules instead of file names .
Implementations
SELinux is an extension of the Linux operating system , which implements a type enforcement system.