
Alfresco ECM mandatory access control?


Does Alfresco ECM have a component that allows working not through role-based access control, but using mandatory access control (MAC)?


Solution

  • No. Alfresco ECM has no out-of-the-box support for any dynamic authority security concepts like RBAC or MAC, which support defining (business) rules on (business) objects. What Alfresco calls roles are in reality permission bundles (groups of permissions) to be attached to a content node.

    To be fair: most general-purpose DMS systems don't support dynamic, configurable role concepts in the sense of RBAC and MAC, but Alfresco has the low-level support to implement this:

    • policies (similar to database triggers)
    • method-level security (Java voter methods which can be hooked in)

    Take a look into Authorization And Access Control

    We implemented this for special use cases (e.g. role-based access for special document types or access rights based on associations to implement case mimik), but it may be a bigger job than expected to make this work transparently in Share and scalable over millions of documents.