Covert channel analysis in secure operating systems with high security levels

Ruan Jian Xue Bao/Journal of Software

Volumn 15, Issue 12, 2004, Pages 1837-1849

  Qing, Si Han ^a,b  

^a INSTITUTE OF GEOLOGY AND GEOPHYSICS   (China)

^b INSTITUTE OF SOFTWARE   (China)

Author keywords

Covert channel analysis; Information flow; Secure operating system; Storage channel; Timing channel

Indexed keywords

CALCULATIONS; COMMUNICATION CHANNELS (INFORMATION THEORY); DATA FLOW ANALYSIS; MEASUREMENTS; SECURITY OF DATA; SEMANTICS;

COVERT CHANNELS; HIGH SECURITY LEVELS; SECURE OPERATING SYSTEMS; STORAGE CHANNELS; TIMING CHANNELS;

COMPUTER OPERATING SYSTEMS;

EID: 12844265899     PISSN: 10009825     EISSN: None     Source Type: Journal    
DOI: None     Document Type: Article

References (28)

1. Lampson BW. A note on the confinement problem. CACM, 1973, 16(10).
2. Qing SH, Liu WQ, Liu HF. Introduction to Operation System Security. Beijing: Science Press, 2003 (in Chinese).
3. NCSC. A guide to understanding covert channel analysis of trusted system, NCSC-TG-030, 1993.
4. U.S. Department of Defense. Trusted Computer System Evaluation Criteria, DoD 5200.28-STD. 1985.
5. Schaefer M, Gold B, Linde R, Scheid J. Program confinement in KVM/370. In: Proc. of the 1977 Annual ACM Conf. New York: ACM, 1977. 404-410.
6. Huskamp JC. Covert communication channels in time sharing systems. Technical Report UCB-CS-78-02, 1978.
7. Kemmerer RA. Shared resource matrix methodology: An approach to identifying storage and timing channels. ACM Trans. on Computer Systems, 1983. 256-277.
8. Tsai CR, Gligor VD, Chandersekaran CS. A formal method for the identification of covert storage channels in source code. IEEE Trans. on Software Engineering, 1990. 569-580.
9. Lipner SB. A comment on the confinement problem. Operating Systems Review, 1975. 192-196.
10. Porras PA, Kemmerer RA. Covert flow trees: A technique for identifying and analyzing covert storage channels. In: Proc. of the 1991 IEEE Computer Society Symp. on Research in Security and Privacy. 1991. 36-51.
11. McHugh J. Covert channel analysis: A chapter of the handbook for the computer security certification of trusted system. NRL Technical Memorandum 5540:062A, 1995.
12. Kemmerer RA, Taylor TA. Modular covert channel analysis methodology for trusted DG/UXTM. IEEE Trans. on Software Engineering, Vol. 22, 1996.
13. Denning DE. A lattice model of secure information flow. Communications of the ACM, 1976. 236-243.
14. He J, Gligor VD. Information flow analysis for covert-channel identification in multilevel secure operating systems. In: Proc. of the 3rd IEEE Workshop on Computer Security Foundations. 1990. 139-148.
15. Feiertag R. A technique for proving specifications are multilevel secure. Technical Report CSL-109, 1980.
16. Feiertag R, Levitt KN, Robinson L. Proving multilevel security of a system design. In: Proc. of the 6th ACM Symp. on Operating Systems Principles. 1977. 57-65.
17. Goguen JA, Meseguer J. Security policies and security models. In: Proc. of the IEEE Symp. on Security and Privacy. 1982. 11-20.
18. Millen JK. Foundations of covert-channel detection. Technical Report MTR-10538, The MITRE Corporation, 1989.
19. Goguen JA, Meseguer J. Unwinding and inference Control. In: Proc. of the IEEE Symp. on Security and Privacy. 1984. 75-86.
20. Haigh JT, Kemmerer RA, McHugh J, Young WD. An experience using two covert channel analysis techniques on a real system design. IEEE Trans. on Software Engineering, 1987. 157-168.
21. Millen JK. Finite-State noiseless covert channels. In: Proc. of the Computer Security Foundations Workshop. 1989. 81-85.
22. Tsai CR, Gligor VD. A bandwidth computation model for covert storage channels and its applications. In: Proc. of the IEEE Symp. on Security and Privacy. 1988. 108-121.
23. Shannon CE, Weaver W. The Mathematical Theory of Communication. Urbana: The University of Illinois Press, 1964.
24. Shieh SP. Estimating and measuring covert channels bandwidth in multilevel secure operating system. Journal of Information Science and Engineering, 1999, 15: 91-106.
25. Hu WM. Reducing timing channels with fuzzy time. In: Proc. of the IEEE Symp. on Research in Security and Privacy. 1991. 8-20.
26. Shieh SP, Gligor VD. Auditing the use of covert channels in secure systems. In: Proc. of the IEEE Symp. on Research in Security and Privacy. 1990.
27. Qing SH, Liu WQ, Weng HZ, Liu HF. Operation System Security. Beijing: Tsinghua University Press, 2004 (in Chinese).