Title :
Is the reference monitor concept fatally flawed? The case for the negative
Author :
Shockley, William R. ; Downey, James P.
Abstract :
The reference monitor (RM) model has passed the critical test imposed by the methodology of science: it has been a productive concept for the field of computer security since its introduction. The call to abandon a productive model, however intellectually stimulating, should not be heeded simply for the sake of novelty. It is our hope that this debate will stimulate an examination of foundations, but we do not believe that such an examination, carefully undertaken, supports the affirmative case. We urge our readers and listeners to embrace the following conclusions, favoring dismissal of the resolution: first, that claims that the RM model is fundamentally flawed must be based on more than wishful thinking or technical frustration. Second, that radical claims for “new paradigms” be subjected to the usual degree of skepticism unless accompanied by compelling proofs of concept
Keywords :
security of data; computer security; new paradigms; productive model; reference monitor; scientific methodology; technical frustration; Access control; Computer aided software engineering; Computer security; Computerized monitoring; Condition monitoring; Control systems; Testing;
Conference_Titel :
Security and Privacy, 1997. Proceedings., 1997 IEEE Symposium on
Conference_Location :
Oakland, CA
Print_ISBN :
0-8186-7828-3
DOI :
10.1109/SECPRI.1997.601307
