Security Administrator Certification Exam - SSCP: Reference Validation Mechanism | ISC

Reference Validation Mechanism


Question

The Reference Validation Mechanism that ensures the authorized access relationships between subjects and objects implements which of the following concepts?

Answers

Explanations


A. B. C. D.

A.

The reference monitor concept is an abstract machine that ensures that all subjects have the necessary access rights before accessing objects.

Therefore, the kernel will mediate all accesses to objects by subjects and will do so by validating through the reference monitor concept.

The kernel does not decide whether or not the access will be granted; it is the Reference Monitor, which is a subset of the kernel, that will say YES or NO.

All access requests will be intercepted by the Kernel, validated through the reference monitor, and then access will either be denied or granted according to the request and the subject's privileges within the system.

1. The reference monitor must be small enough to be fully tested and validated.
2. The Kernel must MEDIATE all access requests from subjects to objects.
3. The processes implementing the reference monitor must be protected.
4. The reference monitor must be tamperproof.

The following answers are incorrect: The security kernel is the mechanism that actually enforces the rules of the reference monitor concept.

The other answers are distractors.

Shon Harris, All In One, 5th Edition, Security Architecture and Design, page 330. Also see http://en.wikipedia.org/wiki/Reference_monitor.

The Reference Validation Mechanism (RVM) is a security mechanism that checks whether the access rights of a subject (e.g., a user or a process) to an object (e.g., a file or a device) are authorized. The RVM is responsible for enforcing the access control policies of the system and ensuring that only authorized accesses are granted.

The RVM is implemented by a security component called the Reference Monitor (A). The Reference Monitor is a critical security component that sits at the core of the operating system and provides the foundation for enforcing the security policy of the system. The Reference Monitor is responsible for mediating all access requests and enforcing the access control policies of the system.

Discretionary Access Control (B) is a type of access control in which the owner of an object determines who can access the object and what actions they can perform on it. In a DAC system, the owner of an object has the discretion to grant or deny access to other users or processes. DAC systems are often used in small-scale systems or in environments where there is a high degree of trust between users.

The Security Kernel (C) is the part of the operating system that provides core security functions, such as access control, authentication, and auditing. The Security Kernel is responsible for enforcing the security policies of the system and ensuring the integrity and confidentiality of system resources.

Mandatory Access Control (D) is a type of access control in which access rights are determined by a set of predefined rules or policies. In a MAC system, the system administrator defines a set of rules that specify which subjects can access which objects and what actions they can perform on them. MAC systems are often used in environments where there is a high degree of sensitivity or confidentiality, such as military or government systems.

In summary, the Reference Validation Mechanism is implemented by the Reference Monitor, which sits at the core of the operating system and is responsible for enforcing the access control policies of the system. The RVM ensures that only authorized accesses are granted and that the system remains secure. The correct answer to the question is A, The Reference Monitor.
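The four requirements listed above can be seen in a small model. This is an added example, not code from the original page: a toy reference monitor in Python in which every access passes through one default-deny check, and the monitor is small enough that its whole decision space can be enumerated. All subject, object and function names are hypothetical, and since Python cannot provide the isolation a real kernel does, protection and tamperproofing are only modelled with a read-only mapping.

```python
from itertools import product
from types import MappingProxyType

# Constructed sample data; all subject and object names are hypothetical.
POLICY = MappingProxyType({            # read-only view: (subject, object) -> rights
    ("alice", "payroll.db"): frozenset({"read", "write"}),
    ("bob", "payroll.db"): frozenset({"read"}),
    ("backup_svc", "audit.log"): frozenset({"read"}),
})
OBJECTS = {"payroll.db": "salary rows", "audit.log": "log lines"}


class AccessDenied(Exception):
    """Raised when the monitor says NO."""


class ReferenceMonitor:
    """Single choke point between subjects and objects."""

    def __init__(self, policy, objects):
        self._policy = policy            # authorized access relationships
        self._objects = dict(objects)    # objects are reachable only via access()
        self.audit = []                  # every decision is recorded

    def decide(self, subject, obj, right):
        # Default deny: anything not explicitly authorized is refused.
        return right in self._policy.get((subject, obj), frozenset())

    def access(self, subject, obj, right):
        # Mediation: validate first, only then hand out the object.
        allowed = self.decide(subject, obj, right)
        self.audit.append((subject, obj, right, "GRANT" if allowed else "DENY"))
        if not allowed:
            raise AccessDenied(f"{subject} may not {right} {obj}")
        return self._objects[obj]


def granted_triples(monitor, subjects, objects, rights):
    """Enumerate the whole request space; feasible only because the monitor is small."""
    return {(s, o, r) for s, o, r in product(subjects, objects, rights)
            if monitor.decide(s, o, r)}
```

Comparing the output of `granted_triples` with an independently written list of intended grants is the kind of full validation that requirement 1 makes possible.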