Back to Security Pattern Catalog

Controlled Virtual Address Space

Classification Key : Core Security, Elevation of Privilege


Processes should be controlled while accessing memory, otherwise they could overwrite each others areas or gain access to private information. Again, illegal access to system areas could allow a process to get a higher execution privilege level and thus access files and other resources. How can this be avoided?


Divide the virtual address space into segments according to logical units in the programs. Use descriptors to indicate access rights, for example the start address, length of segment and the type of access permitted.

Known Uses

Choices operating system. AIX operating system.


Wiley Book


Address Space, System Area, Access Control


Last modified: May 05, 2012

Conceived and Maintained by: Munawar Hafiz