Title :
Run-time detection of covert channels
Author :
Nagatou, Naoyuki ; Watanabe, Takuo
Author_Institution :
Dept. of Comput. Sci., Tokyo Inst. of Technol., Japan
Abstract :
The authors are interested in the characterization of policies which are enforced by execution monitoring mechanisms with an extra structure that is an extension of Schneider's enforcement mechanism. This paper is a starting point for continuing in this area. We use an emulator as the extra structure, which emulates the behavior of a system by running a subsequence from an interleaved state sequence of processes, in order to detect several covert channels at run time. We then define a security automaton for this extended mechanism and show a class of properties which is enforced by the security automaton. Further, our mechanism can enforce information flow policies, which are specified by system developers, under an information flow property to be defined for the aim of this study. We show that the information flow property includes O'Halloran's noninference. At the end of this paper, we give a simple example for the policy and an outline of our mechanism.
Keywords :
security of data; system monitoring; Schneider enforcement mechanism; covert channel; information flow policy; run-time detection; security automaton; Access control; Automata; Computer science; Computerized monitoring; Information science; Information security; Mechanical factors; Permission; Runtime; Timing;
Conference_Title :
Availability, Reliability and Security, 2006. ARES 2006. The First International Conference on
Print_ISBN :
0-7695-2567-9
DOI :
10.1109/ARES.2006.114