Title :
Covert flow trees: a technique for identifying and analyzing covert storage channels
Author :
Porras, Phillip A. ; Kemmerer, Richard A.
Author_Institution :
Dept. of Comput. Sci., California Univ., Santa Barbara, CA, USA
Abstract :
A technique for detecting covert storage channels using a tree structure called a covert flow tree (CFT) is introduced. By traversing the paths of a CFT, a comprehensive list of scenarios that potentially support covert communication via particular resource attributes can be automatically constructed. CFTs graphically illustrate the process through which information regarding the state of one attribute is relayed to another attribute, and how in turn that information is relayed to a listening process. Algorithms for automating the construction of CFTs and potential covert channel operation sequences are presented. Two example systems are analyzed and their results are compared to two other analysis techniques performed on identical systems. The CFT approach not only identified all covert storage channels found by the other techniques, but discovered a channel not detected by the other techniques.
Keywords :
security of data; telecommunication channels; telecommunications computing; trees (mathematics); CFT approach; covert flow tree; covert storage channels; listening process; potential covert channel operation sequences; resource attributes; tree structure; Access control; Bandwidth; Communication channels; Information analysis; Inspection; Performance analysis; Relays; Timing; Tree data structures; Tree graphs;
Conference_Title :
Research in Security and Privacy, 1991. Proceedings., 1991 IEEE Computer Society Symposium on
Conference_Location :
Oakland, CA
Print_ISBN :
0-8186-2168-0
DOI :
10.1109/RISP.1991.130770