The *(term) for a common _(low-level) _(paradigm) for _(security), in 
which it is assumed that a system is secure enough if different _(object)s 
cannot communicate but through a _(kernel).

Hardware-based protection can only protect _(process)es that don't 
interact - don't communicate. But the utility of processes precisely 
lies in their ability to interact meaningfully with each other. Hence, 
hardware protection can never bring reliable _(security) in any useful 
system, while it sure brings large overhead. This is why we should focus 
on software _(security) mechanisms; but once such mechanisms are available, 
hardware protection becomes completely useless. Hence, we may completely 
overlook hardware protection in the general case; this will make 
software more portable, and allow hardware designers not to waste all 
that R&D and silicon, and focus on more important problems, like high-
speed computing and networking. Optimization and emulation support may 
bring hardware protection back on current hardware platforms as a dirty 
hack to speed up some parts of software _(security).

All in all, hardware-based protection <em>never</em> prevents either 
software or hardware failure. Only formal verification can prevent 
software failure, and only particular hardware redundancy of a 
mathematically proved error-resilient type may reduce hardware failure.