Separation of mechanism and policy

The separation of mechanism and policy[1] is a design principle in computer science. It states that mechanisms (those parts of a system implementation that control the authorization of operations and the allocation of resources) should not dictate (or overly restrict) the policies according to which decisions are made about which operations to authorize, and which resources to allocate.

While most commonly discussed in the context of security mechanisms (authentication and authorization), separation of mechanism and policy is applicable to a range of resource allocation problems (e.g. CPU scheduling, memory allocation, quality of service) as well as the design of software abstractions.[citation needed]

Per Brinch Hansen introduced the concept of separation of policy and mechanism in operating systems in the RC 4000 multiprogramming system.[2] Artsy and Livny, in a 1987 paper, discussed an approach for an operating system design having an "extreme separation of mechanism and policy".[3][4] In a 2000 article, Chervenak et al. described the principles of mechanism neutrality and policy neutrality.[5]

  1. ^ Butler W. Lampson and Howard E. Sturgis. Reflections on an Operating System Design [1] Communications of the ACM 19(5):251-265 (May 1976)
  2. ^ "Per Brinch Hansen • IEEE Computer Society". www.computer.org. Retrieved 2016-02-05.
  3. ^ Miller, M. S., & Drexler, K. E. (1988). "Markets and computation: Agoric open systems". In Huberman, B. A. (Ed.). (1988), pp. 133–176. The Ecology of Computation. North-Holland.
  4. ^ Artsy, Yeshayahu et al., 1987.
  5. ^ Chervenak 2000 p.2