Skip main navigation

Security Kernel

In this video, you will learn about security kernels; that is, the reference monitor that mediates access.
6.8
When we’re talking about managing every single transaction between a subject and an object, we need to make sure that that process is complete. And in technology– In the physical world, the example we gave of accessing a property, we were the mediator for that process. In a technology environment, in an operating system, what manages that process is the security kernel. And we have the concept of the reference monitor. In fact, if you’re on a Windows machine, if you open up the task viewer and look down the list of processes, you will see a process called refmon.exe. This is our reference monitor. So this is an abstract concept that mediates all access that subjects have to objects.
57
So, all access between subjects and objects go through the reference monitor. This is to make sure that every single transaction is appropriately authorized, that the subject has the appropriate rights and permissions to conform to the access that is being requested. The security kernel is made up of hardware, of software, and firmware components. And, typically, we call this the trusted computer base, or the TCB. The security kernel mediates all access and functions between our subjects and objects, and the trusted computer base gives us that security.
97.7
Here we’ll also see things like the hardware security module, things like the TPM chip in Windows devices (the trusted platform module) that contains some of our stored keys or that can help with our crypto processes. So we want our security kernel to be isolated, to be able to operate in isolation – in effect, for it to become tamper-proof. And typically, we see a different level of privilege assigned to something like the security kernel than is granted to users. So it operates at a much higher security state. We need it to mediate all access. If it’s not mediating all access, if it’s mediating some, then potentially the security kernel can be bypassed.
145.7
Also, if we think about the real world, with things like door entry systems or data centre fire suppression systems, we want those to be fail-safe. We want people to be left in an environment where they are physically safe. With logical processes and logical security, we typically want to fail secure. We want the secure outcome to be the default one rather than safe. So here what we’re wanting is the security kernel – if it fails in any way, if it detects tampering – for it to fail in a way that leaves the operating system secure.
185.8
The final principle around the security kernel that we want to enforce is that we want to make sure that it is small enough to be tested comprehensively. So typically, the security kernel, in coding terms, is a very, very small, very tightly defined element of software. And it is understood. It can be tested and verified completely. We understand what it is doing, and we can verify that its operation is complete and accurate.

In this video, you will learn about security kernels; that is, the reference monitor that mediates access. Every security must do the following:

  • isolate processes
  • mediate all access
  • provide a ‘fail secure’ process
  • be simple enough to be tested comprehensively

Reflect and share: A security kernel can take many forms and is not limited to software. What security kernels do you have in place or would like to put in place, and why? Share in the comments below.

This article is from the free online

Cyber Security Foundations: Identity and Access Management

Created by
FutureLearn - Learning For Life

Our purpose is to transform access to education.

We offer a diverse selection of courses from leading universities and cultural institutions from around the world. These are delivered one step at a time, and are accessible on mobile, tablet and desktop, so you can fit learning around your life.

We believe learning should be an enjoyable, social experience, so our courses offer the opportunity to discuss what you’re learning with others as you go, helping you make fresh discoveries and form new ideas.
You can unlock new opportunities with unlimited access to hundreds of online short courses for a year by subscribing to our Unlimited package. Build your knowledge with top universities and organisations.

Learn more about how FutureLearn is transforming access to education