Which of the following correctly describes the relationship between the reference monitor and the security kernel?
A.
The security kernel implements and enforces the reference monitor.
B.
The reference monitor is the core of the trusted computing base, which is made up of the security kernel.
C.
The reference monitor implements and enforces the security kernel.
D.
The security kernel, aka abstract machine, implements the reference monitor concept.
Explanation:
A: The trusted computing base (TCB) is the total combination of a system’s protection mechanisms. These are in the form of hardware, software, and firmware.
These same components also comprise the security kernel. The reference monitor is an access control concept that is implemented and enforced by the security kernel
via the hardware, software, and firmware. In doing so, the security kernel ensures that subjects have the appropriate authorization to access the objects they are
requesting. The subject, be it a program, user, or process, should not be able to access a file, program, or resource it is requesting until it has proven that it has the
appropriate access rights.
B is incorrect because the reference monitor is not the core of the trusted computing base (TCB). The core of the TCB is the security kernel, and the security kernel
carries out the reference monitor concept. The reference monitor is a concept pertaining to access control. Since it is not a physical component, it is often referred to as
an “abstract machine.” The reference monitor mediates access between subjects and objects in an effort to ensure that subjects have the necessary rights to access
objects and to protect objects from unauthorized access and destructive changes.
C is incorrect because the reference monitor does not implement and enforce the security kernel. Rather, the security kernel implements and enforces the reference
monitor. The reference monitor is an abstract concept, while the security kernel is a combination of hardware, software, and firmware within the trusted computing base.
The security kernel has three requirements, which are also the requirements of the reference monitor. The security kernel must tamperproof and isolate the processes
executing the reference monitor concept. Likewise, the security kernel must be implemented so that it is invoked for every access attempt and cannot be circumvented.
Finally, the security kernel must be small enough to enable its comprehensive testing and verification.
D is incorrect because abstract machine is not another name for the security kernel. Abstract machine is another name for the reference monitor, which can also be
referred to as the reference monitor concept. The concept states that an abstract machine serves as the mediator between subjects and objects to ensure that the
subjects have the necessary rights to access the objects they are requesting and to protect the objects from unauthorized access and modification. The security kernel
is responsible for carrying out these activities.
Trusted computing base (TCB) is the total combination of a system’s protection mechanisms. These are in the form of hardware, software, and firmware.
These same components also comprise the security kernel.
Reference monitor is an access control concept that is implemented and enforced by the security kernel via the hardware, software, and firmware.
0
0
The trusted computing base (TCB) of a computer system is the set of all hardware, firmware, and/or software components that are critical to its security, in the sense that bugs or vulnerabilities occurring inside the TCB might jeopardize the security properties of the entire system.
0
0