Hi, folks, Ed here. I want to spend some time in this video with you, talking about an invention, an early invention. This is a conceptual invention in cyber security. But before we talk about the specific invention, we'll talk a little bit in general about innovation and inventions, and so on.
So when you go back in time, and you look at any science, there are sort of these observations that are made that generally lay the foundation for subsequent work. And it's always funny, because you go back and you look at those foundational observations and you say, man, that was so obvious. What, was everybody really a dummy back then, they didn't get it? Like the idea that Newton had, watch an apple fall, and he starts dreaming what gravity means. Then you think, well, duh, it's so obvious. But it may not have been so obvious. It's funny how, in hindsight, the really foundational concepts are ones that look obvious, and the ones that don't live on usually were things that are a complex way of looking at life or at any sort of thing, and they turn out to be wrong.
So, some number of years ago, back in the 1970s, actually, there was a gentleman by the name of James Anderson, one of the early researchers in computer security, who came up with this idea. It was called a reference monitor. And if you're old like me, you remember that operating systems, when they first came out in the 1960s, 70s and 80s, we actually called operating systems monitor programs. I'm not sure why. It's certainly not in fashion now to refer to them as monitors, but whatever.
So, the idea that James Anderson had was trying to hypothesize what computer security was about. He said it's about putting safeguards in place that ultimately sit between active entities and passive repositories. And you can see, we've got a picture up that you see here, that shows an active entity is a subject that's trying to do something operationally to an object.
And that there's this thing that's put in between the subject and this reference model, called the reference monitor. So, you see, it looks like a firewall. This thing that mediates or arbitrates between the subject and the object. Arbitration is a type of man-in-the-middle protocol interaction, where you participate in the protocol. The alternative would be, say, adjudication or judging, where you sit off to the side in a big chair and you watch the game played. And if it's not played properly, they bring the evidence to you and you render a judgment. Arbitrators sit right in the middle, and they watch things come in, and they watch things go out, and they're right in the middle of this.
So James Anderson sketched out this idea of an arbitration model called the reference monitor. And it struck such a chord in the cyber security community that to this day it's one of the foundational ideas. James Anderson's reference monitor concept is to computer security what Newton's observations were to physics. So it's so obvious, like I said, you go, duh. Yeah, I get a safeguard kind of is making sure that what's being requested, if things that is matter, is okay. It follows the policy. The entity requesting has the right authorization, that the right conditions are there for this access to be allowed. And if they're not, then I'm going to do something negative. I'm going to stop it, I'm going to log it, I'm going to yell at you, something's going to happen as a result of you making this request and the conditions not being sufficient to allow it.
So every single day, as we're putting systems together, and we drop a safeguard into place, we drop an intrusion detection system into place, we drop a firewall into place, ultimately we're really looking at James Anderson's original model being realized in the context of a modern cyber security mechanism.
So, again, foundational, it's something I want to make sure that you have in your mind, because I think it'll help you quite a bit as we go through the material.
So, as an additional thought, how at times we like to give you something to take off as you think through the video lectures, I'd like you to think about this symbiosis between firewall and reference monitor. You can see from the diagrams that we've shown you, the reference monitor sits between one subject and one object as a firewall would. But what if there were a lot of subjects, a lot of objects that are scattered all over the place? What do you do then? Is a reference monitor one thing? Is it tangible? Could it be distributed? Could it be virtualized? Could it be part of the object? Could it be part of the subject? Could it be part of the network? These are the design considerations that emerge from a very simple, elegant concept such as the reference monitor. So I want to make sure that, as you're pondering and thinking through this material, that's something you spend a little bit of time on, in your private time.
So I hope this has been helpful, and we'll tip our cap to James Anderson for giving us a nice basic model that survived for, basically, half a century. We'll see you in the next video.
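The arbitration described in the lecture, sketched as an added example that is not part of the original video: a monitor that is the only path from subjects to objects, checks policy and conditions on every request, denies by default, and logs each decision. The class, the subject names, the `payroll.txt` object and the "frozen" condition are all constructed for illustration.

```python
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional, Set, Tuple

class AccessDenied(Exception):
    """The monitor refused the request."""

@dataclass
class ReferenceMonitor:
    # Passive repositories (objects); subjects reach them only via request().
    objects: Dict[str, str] = field(default_factory=dict)
    # Policy: explicit (subject, operation, object) grants; default is deny.
    grants: Set[Tuple[str, str, str]] = field(default_factory=set)
    # Conditions that must all hold in addition to a grant.
    conditions: List[Callable[[str, str, str], bool]] = field(default_factory=list)
    # Every decision is recorded, allowed or not.
    audit: List[Tuple[str, str, str, str]] = field(default_factory=list)

    def request(self, subject: str, op: str, obj: str,
                data: Optional[str] = None) -> str:
        allowed = (op in ("read", "write")
                   and obj in self.objects
                   and (subject, op, obj) in self.grants
                   and all(cond(subject, op, obj) for cond in self.conditions))
        self.audit.append((subject, op, obj, "ALLOW" if allowed else "DENY"))
        if not allowed:
            raise AccessDenied(f"{subject} may not {op} {obj}")
        if op == "write":
            self.objects[obj] = data if data is not None else ""
        return self.objects[obj]

def build_demo(frozen: Optional[Set[str]] = None) -> ReferenceMonitor:
    """Constructed sample policy: alice reads and writes, bob only reads."""
    frozen = frozen or set()
    return ReferenceMonitor(
        objects={"payroll.txt": "constructed sample contents"},
        grants={("alice", "read", "payroll.txt"),
                ("alice", "write", "payroll.txt"),
                ("bob", "read", "payroll.txt")},
        # Condition: no writes to an object while it is frozen.
        conditions=[lambda s, op, o: not (op == "write" and o in frozen)],
    )

if __name__ == "__main__":
    rm = build_demo()
    print(rm.request("bob", "read", "payroll.txt"))
    try:
        rm.request("bob", "write", "payroll.txt", "tampered")
    except AccessDenied as exc:
        print("denied:", exc)
    print(rm.audit)
```

The monitor here is a single in-process object guarding one store; the lecture's closing questions about distributing or virtualizing it are about where this same check is placed when subjects and objects are scattered.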