PrepAway - Latest Free Exam Questions & Answers

The hardware, firmware, and software elements of a trusted computing base that implement the reference monitor

A reference monitor is a system component that enforces access controls on an object. Specifically,
the reference monitor concept is an abstract machine that mediates all access of subjects to objects.
The hardware, firmware, and software elements of a trusted computing base that implement the
reference monitor concept are called:


A. Identification and authentication (I & A) mechanisms

B. The auditing subsystem

C. The security kernel

D. The authorization database

Explanation:

The security kernel implements the reference monitor concept. The reference monitor must have the
following characteristics: It must mediate all accesses. It must be protected from modification. It
must be verifiable as correct.

The answer “The authorization database” is incorrect: the authorization database is used by the
reference monitor to mediate accesses by subjects to objects. When a request for access is received,
the reference monitor refers to entries in the authorization database to verify that the operation
requested by a subject for application to an object is permitted. The authorization database has
entries or authorizations of the form (subject, object, access mode).

In the answer “Identification and authentication (I & A) mechanisms”, the I & A operation is separate
from the reference monitor. The user enters his/her identification to the I & A function. Then the
user must be authenticated. Authentication is verification that the user’s claimed identity is valid.
Authentication is based on the following three factor types:

Type 1. Something you know, such as a PIN or password
Type 2. Something you have, such as an ATM card or smart card
Type 3. Something you are (physically), such as a fingerprint or retina scan

The answer “The auditing subsystem” is a key complement to the reference monitor. The auditing
subsystem is used by the reference monitor to keep track of the reference monitor’s activities.
Examples of such activities include the date and time of an access request, identification of the
subject and objects involved, the access privileges requested and the result of the request.
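The mediation path described in the explanation, as an added example that is not part of the original page: a monitor checks each request against (subject, object, access mode) entries and records the audit fields listed above. The class names, subjects and object are constructed for illustration, and subjects are assumed to have already passed I & A.

```python
from dataclasses import dataclass
from datetime import datetime, timezone

@dataclass(frozen=True)
class AuditRecord:
    when: datetime   # date and time of the access request
    subject: str
    obj: str
    mode: str        # access privilege requested
    granted: bool    # result of the request

class ReferenceMonitor:
    def __init__(self, authorizations):
        # Authorization database: (subject, object, access mode) entries.
        # frozenset only illustrates "protected from modification".
        self._authz = frozenset(authorizations)
        self._audit = []

    def check(self, subject, obj, mode):
        # Default deny: only an exact matching entry permits the operation.
        granted = (subject, obj, mode) in self._authz
        # Every decision, grant or denial, goes to the audit trail.
        self._audit.append(
            AuditRecord(datetime.now(timezone.utc), subject, obj, mode, granted))
        return granted

    def audit_trail(self):
        return tuple(self._audit)

class GuardedStore:
    """Objects are reachable only through the monitor (mediate all accesses)."""
    def __init__(self, monitor, objects):
        self._monitor, self._objects = monitor, dict(objects)

    def read(self, subject, name):
        if not self._monitor.check(subject, name, "read"):
            raise PermissionError(f"{subject} may not read {name}")
        return self._objects[name]

    def write(self, subject, name, data):
        if not self._monitor.check(subject, name, "write"):
            raise PermissionError(f"{subject} may not write {name}")
        self._objects[name] = data

def demo():
    # Constructed sample data: bob holds a read entry but no write entry.
    rm = ReferenceMonitor({("alice", "payroll", "read"),
                           ("alice", "payroll", "write"), ("bob", "payroll", "read")})
    store = GuardedStore(rm, {"payroll": "v1"})
    store.write("alice", "payroll", "v2")
    try:
        store.write("bob", "payroll", "tampered")
    except PermissionError:
        pass  # the denial is still recorded in the audit trail
    return store.read("bob", "payroll"), [(r.subject, r.mode, r.granted) for r in rm.audit_trail()]
```

The denied write leaves the object unchanged and still appears in the audit trail, which is how the auditing subsystem complements the monitor without making the access decision itself.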

