Back to Security Pattern Catalog

Reference Monitor

Classification Key : Core Security, Information Disclosure


Authorization policies have to enforced. How can the authorization policies be enforced to prevent the users and processes from performing illegal actions ?


Define a process that intercepts all requests for resources and validates access on them.

Known Uses

Operating systems like Windows 2000, Solaris 9, AIX. Java Security Manager.

Related Patterns

Policy Enforcement Point


Wiley Book


Policy, Access Control


Last modified: May 05, 2012

Conceived and Maintained by: Munawar Hafiz