Covert Channel Analysis in Secure Operating Systems with High Security Levels

The thirty years, development of covert channel analysis research is summarized. The essence of covert channel and its analysis is depicted according to our theoretical research and engineering experience in this area. The state of the art in the application of covert channel analysis approaches to the real systems is illustrated. Some major threads and emerging trends of the research in this area are presented.

[1]  Richard A. Kemmerer,et al.  Shared resource matrix methodology: an approach to identifying storage and timing channels , 1983, TOCS.

[2]  J. Meseguer,et al.  Security Policies and Security Models , 1982, 1982 IEEE Symposium on Security and Privacy.

[3]  Richard A. Kemmerer,et al.  Covert flow trees: a technique for identifying and analyzing covert storage channels , 1991, Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy.

[4]  Virgil D. Gligor,et al.  A bandwidth computation model for covert storage channels and its applications , 1988, Proceedings. 1988 IEEE Symposium on Security and Privacy.

[5]  Dorothy E. Denning,et al.  A lattice model of secure information flow , 1976, CACM.

[6]  Jonathan K. Millen Finite-state noiseless covert channels , 1989, Proceedings of the Computer Security Foundations Workshop II,.

[7]  Wei-Ming Hu Reducing Timing Channels with Fuzzy Time , 1992, J. Comput. Secur..

[8]  J. C. Huskamp Covert communication channels in timesharing systems , 1978 .

[9]  Richard J. Feiertag A Technique for Proving Specifications are Multilevel Secure , 1980 .

[10]  Jingsha He,et al.  Information-flow analysis for covert-channel identification in multilevel secure operating systems , 1990, [1990] Proceedings. The Computer Security Foundations Workshop III.

[11]  Sang Joon Kim,et al.  A Mathematical Theory of Communication , 2006 .

[12]  Virgil D. Gligor,et al.  Auditing the use of covert storage channels in secure systems , 1990, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy.

[13]  Hervé Thiriez,et al.  OR software , 1998, European Journal of Operational Research.

[14]  Butler W. Lampson,et al.  A note on the confinement problem , 1973, CACM.

[15]  Richard A. Kemmerer,et al.  A modular covert channel analysis methodology for trusted DG/UX/sup TM/ , 1996, Proceedings 12th Annual Computer Security Applications Conference.

[16]  Virgil D. Gligor,et al.  A guide to understanding covert channel analysis of trusted systems , 1993 .

[17]  Marvin Schaefer,et al.  Program confinement in KVM/370 , 1977, ACM '77.

[18]  Lawrence Robinson,et al.  Proving multilevel security of a system design , 1977, SOSP '77.

[19]  Virgil D. Gligor,et al.  A Formal Method for the Identification of Covert Storage Channels in Source Code , 1987, 1987 IEEE Symposium on Security and Privacy.

[20]  Shiuh-Pyng Shieh Estimating and Measuring Covert Channel Bandwidth in Multilevel Secure Operating Systems , 1999, J. Inf. Sci. Eng..

[21]  John McHugh,et al.  An Experience Using Two Covert Channel Analysis Techniques on a Real System Design , 1986, IEEE Transactions on Software Engineering.

[22]  Steven B. Lipner,et al.  A comment on the confinement problem , 1975, SOSP.

[23]  José Meseguer,et al.  Unwinding and Inference Control , 1984, 1984 IEEE Symposium on Security and Privacy.