We are independent & ad-supported. We may earn a commission for purchases made through our links.
Advertiser Disclosure
Our website is an independent, advertising-supported platform. We provide our content free of charge to our readers, and to keep it that way, we rely on revenue generated through advertisements and affiliate partnerships. This means that when you click on certain links on our site and make a purchase, we may earn a commission. Learn more.
How We Make Money
We sustain our operations through affiliate commissions and advertising. If you click on an affiliate link and make a purchase, we may receive a commission from the merchant at no additional cost to you. We also display advertisements on our website, which help generate revenue to support our work and keep our content free for readers. Our editorial team operates independently of our advertising and affiliate partnerships to ensure that our content remains unbiased and focused on providing you with the best information and recommendations based on thorough research and honest evaluations. To remain transparent, we’ve provided a list of our current affiliate partners here.
Security

Our Promise to you

Founded in 2002, our company has been a trusted resource for readers seeking informative and engaging content. Our dedication to quality remains unwavering—and will never change. We follow a strict editorial policy, ensuring that our content is authored by highly qualified professionals and edited by subject matter experts. This guarantees that everything we publish is objective, accurate, and trustworthy.

Over the years, we've refined our approach to cover a wide range of topics, providing readers with reliable and practical advice to enhance their knowledge and skills. That's why millions of readers turn to us each year. Join us in celebrating the joy of learning, guided by standards you can trust.

What Is a Reference Monitor?

By T.S. Adams
Updated: May 16, 2024
Views: 11,350
Share

A reference monitor is a specific set of requirements governing the reference validation mechanism in a computer's operating system code. It acts to provide a theoretical ideal which protects the computer against potential hackers who might attempt to interfere with its access control policy. If the code of an operating system fails to meet the standards set by its reference monitor, the system will be vulnerable to external threats from malicious users seeking to breach its security policies.

A computer's access control policy determines not only who has the authority to log in to the system, but the individual users' rights to modify elements of the computer's system. It establishes a working hierarchy between authorized administrators of the computer — who can add and remove programs, make significant changes to the operating system, and so on — and regular restricted users of the computer, who are likely to have less freedom to modify the computer's systems. The reference validation mechanism sets these policies; in effect, it is like a security officer at a club or business. It does the dirty work of ensuring that everyone who gets into the system has the right to be there, along with keeping everyone in their place.

If the reference validation mechanism is a security officer, the reference monitor is the executive who determines the most effective paradigm for security. The reference monitor has three overarching goals for the reference validation mechanism. These can be generally summarized as alertness, incorruptibility, and testability.

Alertness means that the programmers of the operating system must ensure that the reference validation mechanism is active at all times. In other words, it has to remain "on the job" 24 hours a day in order to remain effective. If the operating system is running, the reference validation mechanism must be awake and working.

Incorruptibility means that the reference control mechanism must remain insusceptible to tampering. This means that it must ignore any and all outside attempts to influence its behavior. The goal of this is to prevent hackers from compromising the security of the system.

Finally, testability means that it must be a small enough process that the operating system can monitor it at all times. According to the ideal reference monitor policies, the operating system should be able to test the reference validation mechanism freely, checking to see whether it is doing its job correctly. These tests must be verifiable by the operating system, allowing it to run the tests repeatedly and achieve consistent, accurate results.

Share
EasyTechJunkie is dedicated to providing accurate and trustworthy information. We carefully select reputable sources and employ a rigorous fact-checking process to maintain the highest standards. To learn more about our commitment to accuracy, read our editorial process.
Discussion Comments
Share
https://www.easytechjunkie.com/what-is-a-reference-monitor.htm
Copy this link
EasyTechJunkie, in your inbox

Our latest articles, guides, and more, delivered daily.

EasyTechJunkie, in your inbox

Our latest articles, guides, and more, delivered daily.