New Constructive Approach to Covert Channel Modeling and Channel Capacity Estimation

In this paper, we examine general mechanisms that a covert channel may exploit and derive new minimum requirements for setting up a covert channel. We also propose a new classification of covert channels based on our analysis. Unlike the non-interference approaches, our approach is constructive, allowing the direct examination of system architectures at different abstraction levels for the presence or absence of the mechanisms that can be exploited to create covert channels. Also, unlike past research on covert channel capacity estimation which employed a synchronous channel model, we point out that covert channels are generally non-synchronous. To capture the asynchronous nature of covert channels, we propose the deletion-insertion channel model as a more general basis for covert channel capacity estimation. This enables modeling the effects of system behavior on covert channel capacity, leading to a more accurate upper bound of the resulting channel capacity.

[1]  Jonathan K. Millen Finite-state noiseless covert channels , 1989, Proceedings of the Computer Security Foundations Workshop II,.

[2]  John C. Wray An Analysis of Covert Timing Channels , 1992, J. Comput. Secur..

[3]  Ira S. Moskowitz,et al.  An analysis of the timed Z-channel , 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.

[4]  Jonathan K. Millen 20 years of covert channel modeling and analysis , 1999, Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344).

[5]  Jonathan K. Millen,et al.  Covert Channel Capacity , 1987, 1987 IEEE Symposium on Security and Privacy.

[6]  Richard A. Kemmerer,et al.  Shared resource matrix methodology: an approach to identifying storage and timing channels , 1983, TOCS.

[7]  Butler W. Lampson,et al.  A note on the confinement problem , 1973, CACM.

[8]  Ira S. Moskowitz,et al.  Simple timing channels , 1994, Proceedings of 1994 IEEE Computer Society Symposium on Research in Security and Privacy.

[9]  Virgil D. Gligor,et al.  A guide to understanding covert channel analysis of trusted systems , 1993 .

[10]  J. Meseguer,et al.  Security Policies and Security Models , 1982, 1982 IEEE Symposium on Security and Privacy.

[11]  David J. C. MacKay,et al.  Reliable communication over channels with insertions, deletions, and substitutions , 2001, IEEE Trans. Inf. Theory.

[12]  Ruby B. Lee,et al.  Capacity estimation of non-synchronous covert channels , 2005, 25th IEEE International Conference on Distributed Computing Systems Workshops.

[13]  Judith N. Froscher,et al.  The Handbook for the Computer Security Certification of Trusted Systems , 1992 .

[14]  John McHugh,et al.  An Experience Using Two Covert Channel Analysis Techniques on a Real System Design , 1987, IEEE Trans. Software Eng..