National Computer Security Center a Guide to Understanding Covert Channel Analysis of Trusted Systems
نویسنده
چکیده
A Guide to Understanding Covert Channel Analysis of Trusted Systems provides a set of good practices related to covert channel analysis. We have written this guide to help the vendor and evaluator communities understand the requirements for covert channel analysis as described in the Department of Defense Trusted Computer System Evaluation Criteria (TCSEC). In an effort to provide guidance, we make recommendations in this technical guide that are not cited in the TCSEC.
منابع مشابه
A Case Study on Covert Channel Establishment via Software Caches in High-Assurance Computing Systems
Covert channels can be utilized to secretly deliver information from high privileged processes to low privileged processes in the context of a high-assurance computing system. In this case study, we investigate the possibility of covert channel establishment via software caches in the context of a framework for component-based operating systems. While component-based operating systems offer sec...
متن کاملMimic: An active covert channel that evades regularity-based detection
To counter the threat of leaks of sensitive and mission-critical information, high-security facilities employ multi-level security mechanisms in which information flows are prevented from high-security systems to lower-security systems. For networks, this includes the monitoring of all incoming and outgoing traffic, high-grade encryption for all data communication, intrusion detection systems, ...
متن کاملA Security Domain Model for Implementing Trusted Subject Behaviors
Within a multilevel secure (MLS) system, trusted subjects are granted privileges to perform operations that are not possible by ordinary subjects controlled by mandatory access control (MAC) policy enforcement mechanisms. These subjects are trusted not to conduct malicious activity or degrade system security. We present a formal definition for trusted subject behaviors, which depends upon a rep...
متن کاملAn Integrated View of Security Analysis and Performance Evaluation: Trading QoS with Covert Channel Bandwidth
Security analysis and performance evaluation are two fundamental activities in the system design process, which are usually carried out separately. Unfortunately, a purely qualitative analysis of the security requirements is not sufficient in the case of real systems, as they suffer from unavoidable information leaks that need to be quantified. In this paper we propose an integrated and tool-su...
متن کاملThe b²/c³ Problem: How Big Buffers Overcome Convert Channel Cynicism in Trusted Database Systems
We present a mechanism for communication from low to high security classes that allows partial acknowledgments and flow control without introducing covert channels. By restricting our mechanism to the problem of maintaining mutual consistency in replicated architecture database systems, we overcome the negative general results in this problem area. A queueing theory model shows that big buffers...
متن کامل