Access Restriction

Author Schroeder, Michael D. ♦ Saltzer, Jerome H.
Source ACM Digital Library
Content type Text
Publisher Association for Computing Machinery (ACM)
File Format PDF
Language English
Subject Keyword Access control ♦ Shared information ♦ Segmentation ♦ Virtual memory ♦ Multics ♦ Computer utility ♦ Protection hardware ♦ Protection rings ♦ Protection ♦ Hardware access control ♦ Time-sharing
Abstract Protection of computations and information is an important aspect of a computer utility. In a system which uses segmentation as a memory addressing scheme, protection can be achieved in part by associating concentric rings of decreasing access privilege with a computation. This paper describes hardware processor mechanisms for implementing these rings of protection. The mechanisms allow cross-ring calls and subsequent returns to occur without trapping to the supervisor. Automatic hardware validation of references across ring boundaries is also performed. Thus, a call by a user procedure to a protected subsystem (including the the supervisor) is identical to a call to a companion user procedure. The mechanisms of passing and referencing arguments are the same in both cases as well.
Description Affiliation: Massachusetts Institute of Technology, Cambridge (Schroeder, Michael D.; Saltzer, Jerome H.)
Age Range 18 to 22 years ♦ above 22 year
Educational Use Research
Education Level UG and PG
Learning Resource Type Article
Publisher Date 2005-08-01
Publisher Place New York
Journal Communications of the ACM (CACM)
Volume Number 15
Issue Number 3
Page Count 14
Starting Page 157
Ending Page 170

Open content in new tab

   Open content in new tab
Source: ACM Digital Library