论文信息 - Auditing the use of covert storage channels in secure systems

Auditing the use of covert storage channels in secure systems

Requirements for auditing covert storage channels are defined, and some fundamental problems which appear in most computer systems are illustrated. It is argued that audit subsystems designed to minimally satisfy the TCSEC (the DoD Trusted Computer System Evaluation Criteria) requirement are unable to detect many instances of covert channel use, and hence require major design and implementation changes before they are able to detect all use of covert storage channels. The design of the Secure Xenix tool for covert-channel audit that has been in operation since July 1989 is presented. Results of experiments indicate that the tool is able to detect all use of covert storage channels without raising false alarms.<<ETX>>

Virgil D. Gligor | Shiuh-Pyng Shieh

[1] Virgil D. Gligor,et al. A Formal Method for the Identification of Covert Storage Channels in Source Code , 1987, 1987 IEEE Symposium on Security and Privacy.

[2] Virgil D. Gligor,et al. A bandwidth computation model for covert storage channels and its applications , 1988, Proceedings. 1988 IEEE Symposium on Security and Privacy.

[3] Dennis Hollingworth. Enhancing Computer System Security , 1973 .

[4] Virgil D. Gligor,et al. Design and Implementation of Secure Xenix , 1987, IEEE Transactions on Software Engineering.

[5] Richard A. Kemmerer,et al. Shared resource matrix methodology: an approach to identifying storage and timing channels , 1983, TOCS.

[6] Jonathan K. Millen. Finite-state noiseless covert channels , 1989, Proceedings of the Computer Security Foundations Workshop II,.

[7] J. C. Huskamp. Covert communication channels in timesharing systems , 1978 .