In computer terminology, the phrase protected mode refers to an x86 operating mode that offers greater security by enabling key software features. When operating in protected mode, also called protected virtual address mode, a computer's operating system is granted enhanced control of the applications running on the machine. This enhanced control protects the operating system by granting authority for the system to shut down unsafe processes and delegating processes to be run in the virtual memory space.
In operating systems that incorporate protected mode processing, there are a few key features that make the service useful. The primary feature is the use of privilege levels for software operations. In the protected mode set-up, all software is given a ring value of 0, 1, 2, or 3. These ring values indicate the permissions allowed to the program. A program with a ring value of 0 is a super-administrator enabled program that has total access permissions, such as operating system files. A program with a ring value of 3, the default for applications, has very limited permissions, thus protecting the operating system from damage by rogue programs.
Protected mode also offers enhancements to programs memory usage. By utilizing paging resources, the application is effectively firewalled into its own operating memory. The paging resource keeps the individual virtual memory segments secure, as the system restricts access to these areas. With the ability to use a portion of the available space on the hard disk drive as a paging file, it is possible to use more memory for applications than that which is physically available.
Using protected mode, the space available in paging files and virtual memory is allocated for use. Processes may be removed from the physical memory and placed in the virtual memory paging files located on the hard drive. Confining applications to these virtual memory banks not only speeds up the processing time of the central processor unit (CPU), but it also aids security. This is because the virtual memory resources are kept separate from all other system resources, thus creating a section that is reserved specifically for the application.
Multitasking is another benefit offered by the use of protected mode operation. When this operation mode is engaged, the system is able to use permission rings, call gates, and task state segments to give priority to certain operations and processes. This priority level controls what percentage of processor time is dedicated to the function of a particular application or process. With this level of independent control, the protected mode operating system can safely shutdown programs and applications without fear of crashing the entire system.