A formal framework for real-time information flow analysis

We view Multi-Level Secure (MLS) real-time systems as systems in which MLS real-time tasks are scheduled and executed according to the scheduling algorithm employed by the system. From this perspective, we develop a general trace-based framework that can carry out a covert-timing-channel analysis of a real-time system. In addition, we propose a set of covert-timing-channel-free policies: if a system satisfies one of the proposed security policies, we show that the system achieves a certain level of real-time information flow security. Finally, we compare the relative strength of the proposed covert-timing-channel-free security policies and analyze whether each security policy can be regarded as a property (a set of execution sequences).
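The following is an added illustration of what a trace-based covert-timing-channel check over a scheduled MLS task set looks like; it is not code from the paper and does not implement the paper's framework or its policies. The task set (one High task, one Low task), the discrete-time rate-monotonic model, the choice of "job completion times" as the Low-observable trace, and the "pad every job to its WCET" mitigation are all assumptions constructed for this example. The check enumerates every High behaviour (each High job may need anywhere from 1 tick up to its WCET), records the trace the Low task can observe under each, and reports how many distinct Low traces exist: one means Low timing is independent of High activity; more than one means High behaviour is observable through timing, with log2 of the count as a crude upper bound on what one hyperperiod can signal.

```python
from dataclasses import dataclass
from itertools import product
import math

# Constructed example: discrete-time, preemptive, rate-monotonic scheduling
# (shorter period = higher priority) of a small MLS task set, used to test
# whether Low-level tasks can observe High-level activity through timing.


@dataclass(frozen=True)
class Task:
    name: str
    period: int   # release period in ticks (also the job deadline)
    wcet: int     # worst-case execution time in ticks
    level: str    # "H" (high) or "L" (low) security level


def simulate(tasks, runtimes, horizon, pad_to_wcet=False):
    """Run the task set for `horizon` ticks.

    runtimes[name][k] is the actual demand (ticks) of the k-th job of a task;
    tasks absent from `runtimes` always demand their WCET. With pad_to_wcet,
    the CPU is held for the full WCET even if the job needs less, so the
    slack a job leaves can never reach lower-priority tasks.
    Assumes the task set is schedulable (a job finishes before its period ends).
    Returns {task name: tuple of job completion times}."""
    by_priority = sorted(tasks, key=lambda t: t.period)
    remaining = {t.name: 0 for t in tasks}
    released = {t.name: 0 for t in tasks}
    completions = {t.name: [] for t in tasks}
    for tick in range(horizon):
        for t in tasks:
            if tick % t.period == 0:              # release a new job
                k = released[t.name]
                released[t.name] += 1
                demand = runtimes[t.name][k] if t.name in runtimes else t.wcet
                assert 0 <= demand <= t.wcet, "demand must respect the WCET"
                remaining[t.name] = t.wcet if pad_to_wcet else demand
        for t in by_priority:                     # highest-priority ready job runs
            if remaining[t.name] > 0:
                remaining[t.name] -= 1
                if remaining[t.name] == 0:
                    completions[t.name].append(tick + 1)
                break
    return {name: tuple(c) for name, c in completions.items()}


def low_view(tasks, completions):
    """What a Low-level observer sees: the completion times of Low tasks."""
    return tuple((t.name, completions[t.name]) for t in tasks if t.level == "L")


def high_behaviours(tasks, horizon):
    """Every combination of per-job demands (1..WCET) for the High tasks."""
    highs = [t for t in tasks if t.level == "H"]
    per_task = [list(product(range(1, t.wcet + 1), repeat=horizon // t.period))
                for t in highs]
    for combo in product(*per_task):
        yield {t.name: list(jobs) for t, jobs in zip(highs, combo)}


def analyse(tasks, horizon, pad_to_wcet=False):
    """Trace-based check: group High behaviours by the Low trace they produce.
    A single group means Low learns nothing from timing; several groups mean
    a covert timing channel exists. bits_upper_bound = log2(#distinct traces)."""
    views = {}
    for behaviour in high_behaviours(tasks, horizon):
        trace = low_view(tasks, simulate(tasks, behaviour, horizon, pad_to_wcet))
        views.setdefault(trace, []).append(behaviour)
    return {
        "distinct_low_traces": len(views),
        "bits_upper_bound": math.log2(len(views)),
        "traces": views,
    }


# Constructed task set: High task H (period 4, WCET 2) outranks Low task L
# (period 8, WCET 3) under rate-monotonic priorities; hyperperiod is 8 ticks.
TASKS = [Task("H", period=4, wcet=2, level="H"),
         Task("L", period=8, wcet=3, level="L")]
HYPERPERIOD = 8

if __name__ == "__main__":
    for pad in (False, True):
        result = analyse(TASKS, HYPERPERIOD, pad_to_wcet=pad)
        print(f"pad_to_wcet={pad}: {result['distinct_low_traces']} distinct Low "
              f"trace(s), <= {result['bits_upper_bound']:.2f} bits per hyperperiod")
        for trace, behaviours in result["traces"].items():
            print("  ", trace, "<- High demands", [b["H"] for b in behaviours])
```

Without padding, L's completion time takes three different values (4, 6 or 7) depending on how long H's two jobs actually run, so the Low trace set is not a singleton and the schedule carries a timing channel. With padding every H job occupies its full WCET, every High behaviour yields the same Low trace, and the check reports zero bits; the price is the idle time the padding burns, which is the usual trade-off such policies impose.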
