Reference Monitor

According to Bosworth, Kabay, & Whyne (2014), the reference monitor is a

controlling element in the hardware and OS of a computer that regulates the access of
the subjects to objects on the basis of security parameters of the subject and object.
The reference monitor has access to a file, known as the security kernel database, that
lists the access privileges (security clearance) of each subject and the protection
attributes (classification level) of each object.
The Security Reference Monitor is responsible for enforcing the access-validation
and audit-generation policy defined by the local Security subsystem. It provides services
to both kernel and user mode for validating access to objects, checking user privileges,
and generating audit messages (Microsoft Corporation, 2016).

Audit
File

Reference
Monitor Objects
Subjects
(Policy)

Security Kernel
database

Subject: Security
clearances
Object: Security
classification

Truth be told Im not sure exactly what the security policy is for the DoD or how
extensive it is. However I feel that on the military side the Security Kernel database
would most likely lists things that can and cannot be sent via e-mail or phrases that if
found in an e-mail would alert the system administrators. Or I know on many military
issued laptops the system administrators are the ones who are authorized to run
updates and install programs; I feel that this would also be listed in the Security Kernel
database. Going back to the e-mail reference if an e-mail containing classified
information (subject) was sent with the wrong classification (object) then the system
administrator would be alerted and person in questions account would be locked
pending an investigation and an event would be logged in the audit file.
I know on the computers I worked on while deployed certain websites where
blocked. I do not believe an event is logged in the audit file, you just normally get a
screen that says DoD policy has required the blocking of this website. I think another
example could be the process of moving files from one classified server to another.
While I was stationed with a Central Command unit sometimes we would need to move
information from one server/computer or another server/computer. Information could
only go up in classification it could never get moved back down. What we would do is
put the file we wanted moved into a special file, then the system administrator would
burn it to a disk and transfer that file to the other computer where you could access it
once more. It is a bit of a process and one we tried not to use that often but sometimes
certain products really did not need to be classified as high as the systems we worked
off of and we had to utilize unclassified networks to find the information.
In the military with working on the intelligence side of the house the goal is not
only to provide accurate intelligence to our commanders and create the best and most
useful intelligence products we can. Our goal is also protecting that same intelligence.
Spillage is always going to be a big issue be it accidental or malicious. Having security
policies in place help us to know what we can and cannot do and what the procedures
are if a spillage situation does happen. There were a few times while on deployment
that sensitive information was sent via the unclassified network and the users in
question had to have their access locked, stopping their ability to do their job, they did
not mean any harm by what they did it was just a simple mistake. However, if that
mission data was intercepted the movement of our troops would have been
compromised and the mission would have had to be canceled or worse we wouldnt
have caught the incident and a team could have been hurt.
 References

Bosworth, S., Kabay, M., & Whyne, E. (2014). Computer Security Handbook (Vol. 1).
Hoboken, NJ, USA: John Wiley & Sons, Inc. .

Microsoft Corporation. (2016). Microsoft. Retrieved 2016, from Windows NT

Workstation Resource Kits:
https://www.microsoft.com/resources/documentation/windowsnt/4/workstation/res
kit/en-us/archi.mspx?mfr=true