The notion is not so different from process confinement -- using processor privilege levels and a security kernel to mediate a process's access to resources, so that the damage done by a faulty (or malicious) program is largely contained.
In lieu of bootstrapping the enforcement of external object access from hardware mechanisms, Software Fault Isolation (SFI) is a system in which the enforcement is done using software-only techniques.
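As an added illustration (not code from the course notes), here is the address-sandboxing idea behind SFI written out by hand: the "untrusted" module's stores are rewritten to mask their target address into one aligned region, so a wild pointer is confined without any hardware help. The region size, the function names and the stack "victim" variable are all assumptions of this example.

```c
/* Added example, not from the course notes: SFI-style address sandboxing.
 * An untrusted module may only write inside one aligned, 2^SANDBOX_BITS-byte
 * region; every store it issues has its address masked into that region, so a
 * wild pointer cannot corrupt memory outside it.  A real SFI system inserts the
 * masks into the module's machine code and verifies them at load time. */
#include <stdint.h>
#include <stdlib.h>
#include <stdio.h>

#define SANDBOX_BITS 12                          /* 4 KiB region, chosen for the demo */
#define SANDBOX_SIZE ((uintptr_t)1 << SANDBOX_BITS)
static uint8_t *sandbox_raw;   /* malloc'd block, twice the size so it can be aligned */
static uint8_t *sandbox_base;  /* aligned start: its low SANDBOX_BITS bits are zero */

/* Allocate the region, aligned so every in-region address shares the same high bits. */
int sandbox_init(void) {
    if ((sandbox_raw = calloc(2, SANDBOX_SIZE)) == NULL) return -1;
    uintptr_t a = ((uintptr_t)sandbox_raw + SANDBOX_SIZE - 1) & ~(SANDBOX_SIZE - 1);
    sandbox_base = (uint8_t *)a;
    return 0;
}

/* The sandboxing step: keep the low bits the untrusted code supplied, force the
 * high bits to the sandbox segment.  Unlike a compare-and-branch check it cannot
 * be skipped, because the masked value is the one that is dereferenced. */
static uint8_t *sfi_mask(uintptr_t addr) {
    return (uint8_t *)((uintptr_t)sandbox_base | (addr & (SANDBOX_SIZE - 1)));
}

/* A store as the untrusted module would issue it; returns the address actually written. */
uint8_t *untrusted_store(uintptr_t addr, uint8_t value) {
    uint8_t *target = sfi_mask(addr);
    *target = value;
    return target;
}

/* True if p lies inside the sandbox region. */
int in_sandbox(const uint8_t *p) {
    uintptr_t q = (uintptr_t)p, b = (uintptr_t)sandbox_base;
    return q >= b && q < b + SANDBOX_SIZE;
}

/* Containment check: a store aimed at a stack variable outside the sandbox is
 * redirected inside the region and the variable is left untouched. */
int wild_store_is_contained(void) {
    volatile uint8_t victim = 0xAA;                        /* the would-be target */
    uint8_t *w = untrusted_store((uintptr_t)&victim, 0x42);
    return in_sandbox(w) && victim == 0xAA && *w == 0x42;   /* 1 when contained */
}
```

Call `sandbox_init()` once, then `wild_store_is_contained()`; it returns 1 because the write to the stack variable's address lands inside the sandbox instead.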
Java's type safety is another form of sandboxing: the enforcement mechanism is software controls implemented within object access methods, and type safety ensures that the proper access methods must be invoked.
bsy+cse227w02@cs.ucsd.edu, last updated
email bsy.