In order to carry out these functions, the kernel software runs with special privileges. It hides the actual interface to devices, such as disk drives, the keyboard, video displays, etc. Instead of direct access, the kernel provides special calls that allow users to more safely and easily access the devices that are connected to their system.
The kernel provides protection by controlling what parts of memory each program that is run on the computer can access. It also manages hardware protection levels so that users can't bypass the memory layout that the kernel is managing.
Special hardware, managed by the kernel, presents each program run on the computer with its own, ideal memory space. This ideal memory space does not have access to the various devices on the system - unless the user has permission and requests that devices be made available.
Programs run by different users are generally not allowed to access the memory of programs run by other users on the same system. In fact, by default, programs run by a user do not have access to the memory run by other users on the computer.
Most computers have one or a few (perhaps four or eight) processors. Each processor executes a single instruction at a time, in theory (if you know how this isn't true you probably don't need to read this Newbie guide...). In order for the computer to appear to be doing hundreds of things at once, the kernel quickly switches back and forth between the different programs that are running.
It might seem like the computer would be too slow if it is switching back and forth so much, but most modern processors spend most of their time waiting for more work. Most programs must wait on information to be read from disk drives or for human interaction.
Long, long ago each person who ran a program on a computer had to include the code that knew how to talk to the disk drive and how to output results to the printer. This code actually had the low level instructions that, for example, sent one character to the printer and then waited, checking the printer status until the character had been printed, and then it did the next character.
If someone's program had a problem, then the whole computer (which at that time was a million dollar plus system) would have to be reset, after important values were saved so the programmer could hope to find out what the problem was.
Some bright person (anyone know who?) had the idea of writing software that would watch the program and if it got stuck, or died would automatically save its information and then start the next program.