Protection and the control of information sharing in multics

Jerome H. Saltzer
1974 Communications of the ACM  
The design of mechanisms to control the sharing of information in the Multics system is described. Five design principles help provide insight into the tradeoffs among different possible designs. The key mechanisms described include access control lists, hierarchical control of access specifications, identification and authentication of users, and primary memory protection. The paper ends with a discussion of several known weaknesses in the current protection mechanism design.
doi:10.1145/361011.361067 fatcat:asimarwprjcodaojrgnwokvgka