Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
enforces the access relationship between users and objects in a system. Reference
Monitors are the gatekeepers or mediators used to ensure only authorized users access
that an attacker cannot circumvent the security policy. It must be easy to analyze and
test, must be tamper proof and must always be invoked. Figure 1 is a representative
Figure 1
The system I have chosen to exam in the context of reference monitor is PKI. A public
key infrastructure is a set of roles, policies and procedures needed to create, manage,
distribute, use, store and revoke digital certificate and manage public-key encryption
The PKI construct is, at the macro level, a reference monitor. Its main function is access
control in the sense that its purpose is to ensure only authorized users are able to access
authorization databases and audit trail. Although the PKI construct is comparable to a
reference monitor in that it has subjects (users requesting access), objects (encrypted
data), authorization databases (certifying authority), it lacks an inherent audit feature. The
lack of an audit feature is a big deal and has ramifications. It is important to have a
common practice for information system owners is to have a security logging and
monitoring plan in place that checks for suspicious activities like failed logons.
Additionally there are programs like Cert Spotter that monitor and track unauthorized
certificates.
Reference
Russell, D., & Gangemi, G.T. (1991) Computer Security Basics. Sebastopol, CA
O’Reilly Media.
R Lewis. (2016, May 5). The Reference Monitor - A Necessary Security Mechanism
[Web log comment]. Retrieved from https://www.peerlyst.com/ posts/the-reference-
monitor-a-necessary-security-mechanism
Page, M. G. CISSP (2016). Exam Cram: Security Architecture and Models. Pearson
Education Inc.