Reference Monitor

Reference Monitor

Sabrina Toubbeh

University of San Diego

CSOL 500

8 February 2021
Reference Monitor
2

Purpose/Abstract

The purpose of this report is to select a system that implements a security policy and

describe how the system relates to the reference monitor. This report specifically goes over the

Windows NT system and how the Security Reference Monitor (SRM) works to implement

security.

System

The system I have chosen is the Microsoft Windows NT which implements a security

policy. Windows NT was Microsoft’s most popular operating system for all types of networks

ranging from workgroups to enterprise-level installations. Windows NT was released in 1993

and provided a secure, scalable, reliable 32-bit operating system platform designed for

networked organizations. Windows NT had two versions - a server version called Windows NT

Advanced Server and an associated client version called Windows NT 3.1. Windows NT

provides a lot of network and security features. Windows NT domains are implemented using

domain controllers for secure logins in a networking environment. NT File System (NTFS)

includes security features for data access control and ownership privileges that make it suitable

for file servers, web servers, and application servers in the corporate networking environment.

Security Reference Monitor

The Windows NT security reference monitor (SRM) is a component which is responsible

for handling user requests to access objects in the system and enforcing security policy defined

by the Local Security Authority (LSA). A user cannot directly access an object with Windows

NT. A user can only gain access to an object with validation by the SRM. For example, an

organization can deny access -- by defining policies in LSA -- for users in the accounting
Reference Monitor
3

department to access any related HR files and resources which is enforced by the SRM in kernel

mode.

In Windows NT, the security reference monitor runs in kernel mode. The SRM is a

component of Executive Services which make up the low-level kernel mode portion. Their

functions as listed: I/O operations, object management, security and process management. The

SRM uses access tokens to identify the security context of a process, which describes privileges,

accounts, and groups associated with the process. The SRM compares SIDs in the discretionary

access control list (DACL) to the SIDs in the access token to determine whether a process can

obtain requested access to an object. Group account SIDs in a token identify which group a user

account is part of.

Reference Monitor
4

References:

Windows NT Security Part 2. ( n.d).

http://www.blacksheepnetworks.com/security/info/nt/sec2/ntsec2.html

Network Encyclopedia. (n.d). https://networkencyclopedia.com/security-reference-monitor/

Chapter 5. (n.d.). Retrieved February 09, 2021, from

https://web.archive.org/web/20121102215909/http://www.microsoft.com/resources/

documentation/windowsnt/4/workstation/reskit/en-us/archi.mspx?mfr=true

Architecture of windows nt. (2020, December 18). Retrieved February 09, 2021, from

https://en.wikipedia.org/wiki/Architecture_of_Windows_NT