Mitigating covert channels based on analysis of the potential for communication

The existence and usage of covert channels in systems of communicating agents poses a significant threat to the confidentiality of information. It is difficult to fully prevent the possibility of covert channels in a system without limiting the communication between its components or negatively affecting its behaviour. However, by developing an understanding of when a covert channel may exist in a given system and which agents are more prone to covert channels than others, approaches for mitigating covert channels can be developed that preserve overall system functionality as well as the communication between the system's components and with its environment. In this paper, we propose an approach for mitigating covert channels in systems of communicating agents based on an analysis of the potential for communication amongst system agents. First, we propose a mathematical framework for communication and concurrency called Communicating Concurrent Kleene Algebra (C2KA). We use C2KA to present a formulation of the potential for communication condition for covert channel existence. Then, we show how to use the proposed formulation and its mathematical background to analyse systems of communicating agents and to devise an approach for modifying the behaviours of agents so as to eliminate the potential for communication, and thereby the potential for a covert channel, while still preserving the overall system functionality. Using an illustrative example, we show how to specify a system of communicating agents using the mathematical framework of C2KA, and we demonstrate and discuss the proposed mitigation approach. We also report on the use of a prototype tool that supports the automated verification and analysis of the potential for communication condition for covert channel existence.
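The abstract states the idea behind the mitigation approach without reproducing the C2KA definitions. The following Python model is an added illustration, not the paper's formalism or its prototype tool: it assumes a deliberately simplified semantics in which each agent is a stimulus-response state machine, agent A has direct potential for communication with B when some stimulus A can emit changes B's state or makes B emit, and the potential for communication is the transitive closure of that relation. The three-agent system (High, Mediator, Low) and the "flag"/"ack" stimuli are constructed for the example. It shows the necessary-condition check (no potential for communication from the high agent to the low agent means no covert channel between them) and a behaviour modification of the Mediator that removes the potential while the Low agent keeps its own behaviour.

```python
"""Toy 'potential for communication' analysis (constructed illustration).

The semantics below are an assumption made for this example, not the C2KA
definitions of the paper: an agent is a deterministic machine whose
transitions consume a stimulus and may emit one.
"""
from dataclasses import dataclass
from typing import Dict, Optional, Set, Tuple

# (current_state, received_stimulus) -> (next_state, emitted_stimulus or None)
Transitions = Dict[Tuple[str, str], Tuple[str, Optional[str]]]


@dataclass(frozen=True)
class Agent:
    name: str
    transitions: Transitions

    def emits(self) -> Set[str]:
        """Stimuli this agent can generate towards the rest of the system."""
        return {out for (_, out) in self.transitions.values() if out is not None}

    def is_influenced_by(self, stimulus: str) -> bool:
        """True if the stimulus can change state or trigger an emission.

        A stimulus every state absorbs unchanged acts as a neutral stimulus:
        it carries no information into the agent.
        """
        for (state, received), (nxt, out) in self.transitions.items():
            if received == stimulus and (nxt != state or out is not None):
                return True
        return False


def direct_potential(agents: Dict[str, Agent]) -> Set[Tuple[str, str]]:
    """Pairs (A, B), A != B, where a stimulus emitted by A influences B."""
    pairs = set()
    for a in agents.values():
        for b in agents.values():
            if a.name != b.name and any(b.is_influenced_by(s) for s in a.emits()):
                pairs.add((a.name, b.name))
    return pairs


def potential_for_communication(agents: Dict[str, Agent]) -> Set[Tuple[str, str]]:
    """Transitive closure of the direct relation (communication via intermediaries)."""
    reach = set(direct_potential(agents))
    changed = True
    while changed:
        changed = False
        for (a, b) in list(reach):
            for (c, d) in list(reach):
                if b == c and (a, d) not in reach:
                    reach.add((a, d))
                    changed = True
    return reach


def covert_channel_possible(agents: Dict[str, Agent], high: str, low: str) -> bool:
    """Necessary condition: without potential for communication high->low,
    no covert channel from high to low can exist in this model."""
    return (high, low) in potential_for_communication(agents)


def build_system(mitigated: bool) -> Dict[str, Agent]:
    """Constructed example: High raises a flag; the Mediator either forwards it
    to Low as an ack (original behaviour) or merely records it (mitigated)."""
    high = Agent("High", {
        ("idle", "tick"): ("busy", "flag"),
        ("busy", "tick"): ("idle", None),
    })
    if mitigated:
        mediator = Agent("Mediator", {
            ("up", "flag"): ("flagged", None),       # records, emits nothing
            ("flagged", "flag"): ("flagged", None),
        })
    else:
        mediator = Agent("Mediator", {
            ("up", "flag"): ("up", "ack"),           # forwards High's flag to Low
        })
    low = Agent("Low", {                             # unchanged in both variants
        ("wait", "ack"): ("go", None),
        ("go", "req"): ("wait", None),
    })
    return {a.name: a for a in (high, mediator, low)}


if __name__ == "__main__":
    for flag in (False, True):
        system = build_system(mitigated=flag)
        print("mitigated" if flag else "original", sorted(potential_for_communication(system)),
              "covert channel possible:", covert_channel_possible(system, "High", "Low"))
```

In the original system the closure contains the indirect pair (High, Low) via the Mediator, so the necessary condition is met and a covert channel cannot be ruled out; after the Mediator's behaviour is modified only (High, Mediator) remains, so the high-to-low potential, and with it the potential for that covert channel, is gone while Low's own transitions are untouched.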
