US Patent 10521599 Label transition for mandatory access controls

Systems and methods for enforcing label-based mandatory access control are provided. A first label may be assigned to a resource. An event associated with a resource may be detected. The resource may be relabeled, in response to detection of the event, from a first label to a second label in accordance with a transition rule. The transition rule may be included in a security policy. The transition rule may indicate that the resource is to be relabeled to the second label if the event is detected. Access to the resource may be controlled according to an access rule in the security policy. The access rule may be applicable to the resource based on the access rule identifying the second label assigned to the resource.