Abstract
This paper views the Reference Monitor in a new framework that makes it possible to generalize from passive to active monitors. It describes a major trend in the evolution of information systems security. The concepts are a practical reflection of real-world needs, expressed in a theoretical framework. The approach of employing active and passive policies provides a higher level of security than would otherwise be possible. The passive traditional Reference Monitor that interprets security policies and permits or prohibits access requests is supplemented by an active monitor to initiate behavior, such as taking positive actions to maintain integrity, taking recovery actions to restore situations after failures, and regularly monitoring the system. This extension to enforcement of various policies supports distributed systems architectures as the appropriate model for thinking about information technology (IT) security.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
