Countermeasures and Tradeoos for a Class of Covert Timing Channels Index Terms

We identify a class of covert timing channels with the following properties. (1) existing covert timing channel analysis techniques are inappropriate for the channels in this class; and (2) it includes the fastest (i.e., highest capacity) covert channels known to date. Since channels in this class are exploited by counting the occurrences of certain events, we call them counting channels. We describe a technique for analyzing the capacity of counting channels and use our technique to analyze a known counting channel (viz, the bus contention channel) under two diierent types of countermeasures: an existing countermeasure called fuzzy time and a novel countermeasure called probabilistic partitioning. In particular, our analysis provides the only known upper bound on the capacity of the bus contention channel under fuzzy time. Also, for both types of countermeasures, we obtain precise tradeoos between covert channel capacity and other desirable system properties. covert channel countermeasures engineering tradeoos information-theoretic analysis multilevel security shared memory multiprocessor architecture