DocumentCode
2590380
Title
Auditing the use of covert storage channels in secure systems
Author
Shieh, Shiuh-Pyng W. ; Gligor, Virgil D.
Author_Institution
Dept. of Electr. Eng., Maryland Univ., College Park, MD, USA
fYear
1990
fDate
7-9 May 1990
Firstpage
285
Lastpage
295
Abstract
Requirements for auditing covert storage channels are defined, and some fundamental problems which appear in most computer systems are illustrated. It is argued that audit subsystems designed to minimally satisfy the TCSEC (the DoD Trusted Computer System Evaluation Criteria) requirement are unable to detect many instances of covert channel use, and hence require major design and implementation changes before they are able to detect all use of covert storage channels. The design of the Secure Xenix tool for covert-channel audit that has been in operation since July 1989 is presented. Results of experiments indicate that the tool is able to detect all use of covert storage channels without raising false alarms
Keywords
security of data; DoD Trusted Computer System Evaluation Criteria; Secure Xenix tool; TCSEC; auditing; computer systems; covert storage channels; secure systems; Computer security; Computerized monitoring; Educational institutions; Laboratories; Petroleum; Secure storage; Trademarks;
fLanguage
English
Publisher
ieee
Conference_Titel
Research in Security and Privacy, 1990. Proceedings., 1990 IEEE Computer Society Symposium on
Conference_Location
Oakland, CA
Print_ISBN
0-8186-2060-9
Type
conf
DOI
10.1109/RISP.1990.63858
Filename
63858
Link To Document