A higher level of computer security through active policies

A higher level of computer security through active policies

This paper views the Reference Monitor in a new framework that makes it possible to generalize from passive to active monitors. It describes a major trend in the evolution of information systems security. The concepts are a practical reflection of real-world needs, expressed in a theoretical framewo...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Computers & security 1995-01, Vol.14 (2), p.147-157
Hauptverfasser: Abrams, Marshall D., Moffett, Jonathan D.
Format: Artikel
Sprache:eng
Schlagworte:
Active
Assurance
Computer programming
Cybersecurity
Distributed processing
Distributed systems
Monitor
Passive
Policies
Reference Monitor
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:This paper views the Reference Monitor in a new framework that makes it possible to generalize from passive to active monitors. It describes a major trend in the evolution of information systems security. The concepts are a practical reflection of real-world needs, expressed in a theoretical framework. The approach of employing active and passive policies provides a higher level of security than would otherwise be possible. The passive traditional Reference Monitor that interprets security policies and permits or prohibits access requests is supplemented by an active monitor to initiate behavior, such as taking positive actions to maintain integrity, taking recovery actions to restore situations after failures, and regularly monitoring the system. This extension to enforcement of various policies supports distributed systems architectures as the appropriate model for thinking about information technology (IT) security.
ISSN:0167-4048
1872-6208
DOI:10.1016/0167-4048(95)97048-F