| single- user system, 180 | serially reusable I/O device, 181 | | sensitive data, 180 | physical separation, 181 | | executive, 180 | temporal separation, 181 | | multiprogrammed system, 180 | logical separation, 181 | | protected object, 181 | cryptographic separation, 181 | | sharable I/O device, 181 | isolation, 181 | | memory protection, 183 | password file protection, 205 | | fence register, 184 | access control matrix, 206 | | relocation, 184 | temporary access permission, 208 | | base/bounds registers, 185 | per-object protection, 208 | | tagged memory architecture, 187 | per-subject protection, 208 | | segmentation, 189 segment address table, 190 | user authentication by something you know, 209 | | segment address translation, 190 paging, 192 | user authentication by something you are, 209 | | page frame, 192 page address translation, 192 | user authentication by something you have, 209 | | paged segmentation, 194 | biometric authentication, 210 | | directory, 196 | password, 211 | | revocation of access, 196 | password response, 211 | | access control list, 198 | exhaustive attack on password, 213 | | user “ group “world protection, 199 | brute force attack on password, 213 | | capability, 201 | probable password, 213 | | domain, 202 | likely password, 214 | | local name space, 202 | one-time password, 220 | | procedure-oriented access control, 204 | single sign-on, 221 | | file protection, 204 | challenge “response system, 222 | | shared file, 205 | login impersonation, 222 | |