The term for a common low-level paradigm for security, in which it is assumed that a system is secure enough if different objects cannot communicate with each other except through a kernel.

Hardware-based protection can only protect processes that don't interact, i.e., that don't communicate. But the utility of processes lies precisely in their ability to interact meaningfully with each other. Hence, hardware protection can never bring reliable security in any useful system, while it certainly brings large overhead. This is why we should focus on software security mechanisms; but once such mechanisms are available, hardware protection becomes completely useless. Hence, we may completely overlook hardware protection in the general case; this will make software more portable, and allow hardware designers not to waste all that R&D and silicon, and to focus on more important problems, like high-speed computing and networking. Optimization and emulation support may bring hardware protection back on current hardware platforms as a dirty hack to speed up some parts of software security.

All in all, hardware-based protection never prevents either software or hardware failure. Only formal verification can prevent software failure, and only particular hardware redundancy of a mathematically proved error-resilient type may reduce hardware failure.
