A "ring" is a concept developed in the early days of large-scale timesharing by those working on the MULTICS operating system (see The Multics Systems: An Examination of Its Structure, Elliot I. Organick, MIT Press: Cambridge Mass., 1972). These rings establish a hierarchy of memory protection and processor function, in which code running in lesser-valued rings has access only to all higher-valued or equally valued rings. A protection violation occurs when less "secure" code (running in a higher-valued ring) accesses more "secure" code or data (at a lower-valued ring).

Rings can be used to regulate access and determine if a protection violation occurs.

Support for the multiple ring protection model of the 386 occurs in four distinct rings of protection (0-3). Traditional UNIX supports only two rings: One for the kernel operating system, and one for the current user process. On the 386, this corresponds to the supervisor ring (0) and the user ring (3). When the 386 is running in the user ring and receives an interrupt or exception, or it needs to process a system call, it must switch rings to the supervisor ring. Once there, the kernel is run as a trusted program to handle these events. This switching of rings, or "ring crossing," is central to the UNIX memory protection model. Unlike MS-DOS, where operating system code and user application code mingle in the same address space, UNIX programs run in "hard" shells of address space. UNIX programs are not able to modify each other or the operating system by virtue of memory protection. This is enforced by memory protection hardware on the microprocessor in the general case when the applications program is running. Ring crossing, where we go from user to kernel code, needs to be carefully done to preserve the protection model in all cases. In this way, nothing that a user program does can possibly affect another user program adversely or "crash" the operating system.