Title :
Directed information and the NRL Network Pump
Author :
Gorantla, Siva K. ; Kadloor, Sachin ; Coleman, Todd P. ; Kiyavash, Negar ; Moskowitz, Ira S. ; Kang, Myong H.
Author_Institution :
Coordinated Sci. Lab., Univ. of Illinois, Urbana, IL, USA
Abstract :
The NRL Network Pump®, or Pump, is a standard for mitigating covert channels that arise in a multi-level secure (MLS) system when a high user (HU) sends acknowledgements to a low user (LU). The issue here is that HU can encode information in the “timings” of the acknowledgements. The Pump aims at mitigating the covert timing channel by introducing buffering between HU and LU, as well as adding noise to the acknowledgement timings. Here, for the first time, we model the workings of the Pump, in certain situations, as a communication system with feedback, and then use this novel perspective to derive an upper bound on the rate of the covert channel between HU and LU in the Pump, in specific situations. This upper bound is presented in terms of a directed information flow over the dynamics of the system.
Keywords :
computer network security; MLS system; NRL network pump; communication system; covert channel mitigation; covert timing channel; directed information flow; multilevel secure system; upper bound; Communication systems; Decoding; Delay; Encoding; Noise; Random variables;
Conference_Title :
Information Theory and its Applications (ISITA), 2010 International Symposium on
Conference_Location :
Taichung
Print_ISBN :
978-1-4244-6016-8
Electronic_ISBN :
978-1-4244-6017-5
DOI :
10.1109/ISITA.2010.5649143