Lattice scheduling and covert channels

The lattice scheduler is a process scheduler that reduces the performance penalty of certain covert-channel countermeasures by scheduling processes using access class attributes. The lattice scheduler was developed as part of the covert-channel analysis of the VAX security kernel. The VAX security kernel is a virtual-machine monitor security kernel for the VAX architecture designed to meet the requirements of the A1 rating from the US National Computer Security Center. After describing the cache channel, a description is given of how this channel can be exploited using the VAX security kernel as an example. The author discusses how this channel can be closed and the performance effects of closing the channel. The lattice scheduler is introduced, and its use in closing the cache channel is demonstrated. Finally, the work illustrates the operation of the lattice scheduler through an extended example and concludes with a discussion of some variations of the basic scheduling algorithm.<<ETX>>

[1]  Marvin Schaefer,et al.  Program confinement in KVM/370 , 1977, ACM '77.

[2]  Alan Jay Smith,et al.  Cache Memories , 1982, CSUR.

[3]  Keith Loepere Resolving covert channels within a B2 class secure system , 1985, OPSR.

[4]  Mary Ellen Zurko,et al.  A VMM security kernel for the VAX architecture , 1990, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy.

[5]  Paul T. Robinson,et al.  Virtualizing the VAX architecture , 1991, ISCA '91.

[6]  Norman P. Jouppi,et al.  Computer technology and architecture: an evolving interaction , 1991, Computer.

[7]  Jeffrey C. Mogul,et al.  The effect of context switches on cache performance , 1991, ASPLOS IV.

[8]  John C. Wray,et al.  An analysis of covert timing channels , 1991, Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy.

[9]  Wei-Ming Hu Reducing Timing Channels with Fuzzy Time , 1992, J. Comput. Secur..