Defines the security domains for implementing software-enforced separation and policy enforcement mechanisms.