Monitor Reference

Reference Monitor

Related Concepts – Access control – Access control policy – Security kernel Definition A reference monitor concept defines a set of design requirements on a reference validation mechanism, which enforces an access control policy over subjects' (e.g., processes and users) ability to perform operations (e.g., read and write) on objects (e.g., files and sockets) on a system. – The reference valida...

A Distributed High Assurance Reference Monitor

We present DHARMA, a distributed high assurance reference monitor that is generated mechanically by the formal methods tool PVS from a verified specification of its key algorithms. DHARMA supports policies that allow delegation of access rights, as well as structured, distributed names. To test DHARMA, we use it as the core reference monitor behind a web server that serves files over SSL connec...

How reference networks develop, implement, and monitor guidelines

Rare diseases pose many challenges. A paucity of randomised controlled trials for most conditions means that best-practice care guidelines are often non-existent or poorly developed. Where they exist, healthcare professionals may be unaware of them. Furthermore, evaluation of guidelines is difficult, as traditional methods of health-care research (such as hospital admissions and mortality stati...

The Inlined Reference Monitor Approach to Security Policy Enforcement

Using Proven Reference Monitor Patterns for Security Evaluation

The most effective approach to evaluating the security of complex systems is to deliberately construct the systems using security patterns specifically designed to make them evaluable. Just such an integrated set of security patterns was created decades ago based on the Reference Monitor abstraction. An associated systematic security engineering and evaluation methodology was codified as an eng...