Policy vs mechanism in operating system


This is a commonly asked question in operating systems design. In this post, I am going to provide few examples to clarify the difference between policy and mechanism in OS. Let us first explain what policy and mechanism stand for.

Policy vs mechanism


Given a particular task, policy refers to what needs to be done (i.e. activities to perform) and mechanism refers to how to do it (i.e. implementation to enforce policy).

Policy vs mechanism real life examples

  • At a company, compensating employees in terms of who is paid and how much is a policy decided by the management. Paying employees in cash ? in stocks ? is a mechanism.
  • A 3D scene needs to be rendered (policy). Using DirectX or OpenGL graphics API (mechanism).

Security policy vs mechanism example

  • A website requires users to login to the system (policy). Users can login using a user name and password pair (mechanism). They can also login using their gmail or Facebook accounts (another mechanism).

Policy vs mechanism OS examples

  • Granting a resource to a process using first come first serve algorithm (policy). This policy can be implemented using a queue (mechanism).
  • Thread scheduling or answering the question “which thread should be given the chance to run next?” is a policy. For example, is it priority based ? or just round robin ?. Implementing context switching is the corresponding mechanism.
  • In virtual memory, keeping track of free and occupied pages in memory is a mechanism. Deciding what to do when a page fault occurs is a policy. You may check the following articles cpu scheduling, paging vs segmentation and page tables

Separation of mechanism and policy

Separation of policy and mechanism is a design principe to achieve flexibility. In other words, adopting a certain mechanism should not restrict existing policies. The idea behind this concept is to have the least amount of implementation changes if we decide to change the way a particular feature is used. We can also look at it from the other side. For example, if a certain implementation needs to be changed (ex. improve efficiency). This must not greatly influence the way it is used. In the login example mentioned earlier (logging to a website) switching from a user name password pair to Facebook account should not prevent a user from logging in to the website.


  • Policy is the what and mechanism is the how.
  • The separation between the two gives us the flexibility to add and modify existing policies and reuse existing mechanisms for implementing new policies.

That is it for today. if you have comments or questions, you can use the section below. thanks for visiting.


One Comment

Add a Comment

Your email address will not be published. Required fields are marked *