What can best be described as an abstract machine which must mediate all access of subjects to objects?
A. B. C. D.
Answer: B.
The reference monitor is an abstract machine which must mediate all access of subjects to objects, be protected from modification, be verifiable as correct, and always be invoked.
The security kernel is the hardware, firmware and software elements of a trusted computing base that implement the reference monitor concept.
The security perimeter includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base.
System elements that are outside of the security perimeter need not be trusted.
A security domain is a domain of trust that shares a single security policy and single management.
Source: TIPTON, Hal, (ISC)2, Introduction to the CISSP Exam presentation.
The correct answer is B. The reference monitor.
A reference monitor is an abstract machine that mediates all access between subjects (such as users, processes, or programs) and objects (such as files, devices, or network resources) in a computer system. The reference monitor is responsible for enforcing the security policy of the system by determining whether a given access request should be allowed or denied based on a set of predefined rules and criteria.
The reference monitor is an essential component of the security kernel, which is the core of a secure operating system. The security kernel is responsible for implementing the security mechanisms and policies of the system, such as access control, authentication, encryption, and auditing. The security kernel must be tamper-proof and protected from unauthorized access or modification.
A security domain is a logical grouping of resources and subjects that share a common security policy and level of trust. A security perimeter is the boundary that separates the internal and external networks of a system or organization. Both of these concepts are related to security, but they do not directly refer to the abstract machine that mediates access control.
In summary, the reference monitor is the abstract machine that mediates all access between subjects and objects in a computer system, and it is a key component of the security kernel that implements the security mechanisms and policies of the system.