MANDATORY PROTECTION CONTROL IN VIRTUAL MACHINES
Main authors: | , , , |
---|---|
Format: | Patent |
Language: | eng ; kor |
Subjects: | |
Summary: | The present invention relates to a method (100) for ensuring Mandatory Access Control (MAC) in a virtual machine (VM) adapted for running object oriented programs and based on strongly typed language, by means of a mandatory access control module (Instr_module), said method comprising:
- configuring the mandatory access control module (Instr_module) with an access policy (Acc_pol);
- upon event reception indicating a method invocation (Meth_entry) or an access request to a variable member, adding an access control label (LabE, LabR) to the object calling the method (Meth) or requesting the access, named "caller" (CalR), and the object called by the method (Meth) or whose access is requested, named "callee" (CalE), according to the caller and callee language types (Typ_CalR, Typ_CalE);
- making a decision (Dec) of blocking the execution of the method (Meth) or the access to the variable member, named "negative decision", or a decision (Dec) of letting the virtual machine (VM) run the method (Meth) or access the variable member, named "positive decision", according to said access control labels (LabE, LabR), the instance numbers of the caller and the callee (Inst_Num), the access policy (Acc_pol), and the access permissions;
- transmitting said decision (Dec) to the virtual machine (VM) for blocking or granting the corresponding access attempt. |
---|