In computer science, protection mechanisms are built into a computer architecture to support the enforcement of security policies. A simple definition of a security policy is "to set who may use what information in a computer system".
The access matrix model, first introduced in 1971, is a generalized description of operating system protection mechanisms.
The separation of protection and security is a special case of the separation of mechanism and policy.