Title :
Protection against covert storage and timing channels
Author :
Melliar-Smith, M. ; Moser, Louise E.
Author_Institution :
Dept. of Electr. & Comput. Eng., California Univ., Santa Barbara, CA, USA
Abstract :
Existing technology is quite successful at preventing direct unauthorized communication in multilevel secure computer systems, but is almost completely ineffective at protecting such systems against covert storage and timing channels. In a covert channel, one process transmits secret information by modulating its rate of use of a shared resource, while another program detects that modulation by monitoring the responsiveness of the resource. The proposed protection technique involves screening all programs in a system by a data dependency analysis procedure that determines whether the results of those programs depend on the relative timing of operations within the system. Programs containing such timing dependencies are denied access to the system until certified by other means. The approach is reasonably inexpensive and completely rigorous and, when strictly applied, precludes all communication over covert storage and timing channels
Keywords :
security of data; covert storage; data dependency analysis; multilevel secure computer systems; protection technique; shared resource; timing channels; timing dependencies; unauthorized communication; Buffer storage; Communication system security; Computer security; Computerized monitoring; Delay; Information security; Modulation coding; Protection; Secure storage; Timing;
Conference_Titel :
Computer Security Foundations Workshop IV, 1991. Proceedings
Conference_Location :
Franconia, NH
Print_ISBN :
0-8186-2215-6
DOI :
10.1109/CSFW.1991.151588
