Information stored in XML documents should be protected by access control policy. Current access control models for XML documents are all based on DAC (discretionary access control) or RBAC (role-based access control). High security system uses MAC (mandatory access control) to secure information in system. XML document model is extended to include label information in this paper, and some rules that the extended model has to satisfy with are presented. Fine-grained MAC model for XML documents is described in detail by discussing four operations on XML documents. The fine-grained MAC model is based on XML schema, and its finest granularity of access control is element or attribute. The architecture and some mechanisms used to implement the fine-grained MAC model are discussed too.