Protection of computations and information is an important aspect of a computer utility. In a system which uses segmentation as a memory addressing scheme, protection can be achieved in part by associating concentric rings of decreasing access privilege with a computation. This paper describes hardware processor mechanisms for implementing these rings of protection. The mechanisms allow cross-ring calls and subsequent returns to occur without trapping to the supervisor. Automatic hardware validation of references across ring boundaries is also performed. Thus, a call by a user procedure to a protected subsystem (including the the supervisor) is identical to a call to a companion user procedure. The mechanisms of passing and referencing arguments are the same in both cases as well.

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Apfelbaum, H., and Oppenheimer, G. Design of virtual memory systems. Proc. 1971 IEEE Internat. Comput. Soc: Conf., Boston, pp. 115-116.
	2	B. W. Arden , B. A. Galler , T. C. O'Brien , F. H. Westervelt, Program and Addressing Structure in a Time-Sharing Environment, Journal of the ACM (JACM), v.13 n.1, p.1-16, Jan. 1966  [doi>10.1145/321312.321313]
	3	A. Bensoussan , C. T. Clingen , R. C. Daley, The multics virtual memory, Proceedings of the second symposium on Operating systems principles, October 20-22, 1969, Princeton, New Jersey  [doi>10.1145/961053.961069]
	4	Burroughs Corporation. A Narrative Description of the Burroughs B5500 Master Control Program. Detroit, Mich. Oct. 1969.
	5	Jack B. Dennis , Earl C. Van Horn, Programming semantics for multiprogrammed computations, Communications of the ACM, v.9 n.3, p.143-155, March 1966  [doi>10.1145/365230.365252]
	6	Edsger W. Dijkstra, The structure of the “THE”-multiprogramming system, Communications of the ACM, v.11 n.5, p.341-346, May 1968  [doi>10.1145/363095.363143]
	7	Evans, D.C., and LeClerc, J.Y. Address mapping and the control of access in an interactive computer. Proc. AFIPS 1967 SJCC, Vol. 30, AFIPS Press, Montvale, N.J. pp. 23-30.
	8	Fabry, R.S. Preliminary description of a supervisor for a computer organized around capabilities. Quarterly Progress Rep. No. 18, Institute of Computer Research, U. of Chicago, I-B 1-97.
	9	Robert M. Graham, Protection in an information processing utility, Communications of the ACM, v.11 n.5, p.365-369, May 1968  [doi>10.1145/363095.363146]
	10	Honeywell Information Systems Inc., Model 645 Processor Reference Manual. Cambridge Information Systems Laboratory, Apr. 197i.
	11	Hauck, E.A., and Dent, B.A. Burrough's B6500/B7500 stack mechanisms. Proc. AFIPS 1968 SJCC, Vol. 32, AFIPS Press, Montvale, N.J. pp. 245-251.
	12	Lampson, B.W. An Overview of the CAL Time-Sharing System. Computation Center, U. of California, Berkeley, Sept. 1969.
	13	Lampson, B.W. Dynamic protection structures. Proc. AFIPS 1969 FJCC, Vol. 35, AFIPS Press, Montvale, N.J., 27-38.
	14	MIT Project MAC. Multics Programmer's Manual. 1969.
	15	Shigeru Motobayashi , Takashi Masuda , Nobumasa Takahashi, The HITAC5020 time sharing system, Proceedings of the 1969 24th national conference, p.419-429, August 26-28, 1969  [doi>10.1145/800195.805948]
	16	Schroeder, M.D. Classroom model of an information and computing service. S.M. Th. MIT, Dep. Elec. Eng., Feb. 1969. {Expanded version available as Proj. MAC Tech. Rep. MAC-TR-80.}
	17	Dean Hanawalt Vanderbilt, Controlled information sharing in a computer utility, Massachusetts Institute of Technology, Cambridge, MA, 1969