Back to Security Pattern Catalog




Controlled Virtual Address Space


Classification Key : Core Security, Elevation of Privilege

Problem

Processes should be controlled while accessing memory, otherwise they could overwrite each others areas or gain access to private information. Again, illegal access to system areas could allow a process to get a higher execution privilege level and thus access files and other resources. How can this be avoided?

Solution

Divide the virtual address space into segments according to logical units in the programs. Use descriptors to indicate access rights, for example the start address, length of segment and the type of access permitted.

Known Uses

Choices operating system. AIX operating system.

Source

Wiley Book

Tags

Address Space, System Area, Access Control


 

Last modified: May 05, 2012

Conceived and Maintained by: Munawar Hafiz