A HIGHER-LEVEL OF COMPUTER SECURITY THROUGH ACTIVE POLICIES

This paper views the Reference Monitor in a new framework that makes i t possible to generalize from passive to active monitors. It describes a major trend in the evolution of information systems security. The c oncepts are a practical reflection of real-world needs, expressed in a theoretical framework The approach of employing active and passive po licies provides a higher level of security than would otherwise be pos sible. The passive traditional Reference Monitor that interprets secur ity policies and permits or prohibits access requests is supplemented by an active monitor to initiate behavior, such as taking positive act ions to maintain integrity, taking recovery actions to restore situati ons after failures, and regularly monitoring the system. This extensio n to enforcement of various policies supports distributed systems arch itectures as the appropriate model for thinking about information tech nology (IT) security.