Reference Monitor

March 5, 2018

Reference Monitor

You are here:
< Back

The security engineering term for IT functionality that—
1) controls all access,
2) cannot be bypassed,
3) is tamper-resistant, and
4) provides confidence that the other three items are true.
SOURCE: SP 800-33

Concept of an abstract machine that enforces Target of Evaluation (TOE) access control policies.
SOURCE: CNSSI-4009