-{ Quote: "In order to keep applications from usurping any part of the OS's privileged access to system hardware, processors provide a mechanism that allows different programs to run at different privilege levels. These privilege levels are called rings, and they're arranged in a hierarchy that starts with Ring 0 (the lowest, most trusted level) and extends upwards through one or more progressively less-trusted Rings (e.g., Ring 1, Ring 2, and so on)." }-
Ars Technica Article (http://arstechnica.com/guides/other/virtualization-guide-2.ars)

Thank you.

This is very well discussed in some White Papers regarding both Intel VT-d and AMD Pacifica (Nested Page Tables).