ABSTRACT
Controlling access to memory is critical for sharing one machine among many users and processes. Security is impossible without the capabilities to isolate one process from another and to control how data are shared. For example, if Alice and Bob are running their programs on the same machine, their programs should be protected from one another. Such protection requires that Alice’s calculations should not spill over into the memory used by Bob. Furthermore, unless Alice has authorization from Bob or other appropriate controlling authorities, Alice should not be able to read from or write to Bob’s data stored in memory.
