A study of covert channels in a trusted UNIX system
DeJong, Ronald Johannes
Irvine, Cynthia E.
Shimeall, Timothy J.
MetadataShow full item record
Analysis and identification of potential channels for illicit information flow is not required for Class Bi trusted systems such as the Sun Microsystems Trusted Solaris 1.1 trusted computing base. When used in a multilevel context such channels would present a risk to data security. The problem addressed by this thesis is the identification of covert channels in Trusted Solaris and the determination if their exploitation can be detected using mechanisms provided to the security administrator. The approach taken to address this problem was to identify covert storage channels in the form of observable effects and exceptions of sharing internal databases by subjects at differing access classes. Software was developed to exploit the identified covert channels using a method requiring detailed specifications prior to the creation of code. Audit trails were obtained to evaluate the efficacy of audit in detecting active covert channel exploitation.
Showing items related by title, author, creator and subject.
Gonçalves, Ricardo André Santana (Monterey, California: Naval Postgraduate School, 2011-06);Covert channels in modern communication networks are a source of security concerns. Such channels can be used to facilitate command and control of botnets or inject malicious contents into unsuspected end-user devices or ...
Dye, Derek J. (Monterey, California. Naval Postgraduate School, 2011-03);This thesis explores the detectability and robustness of packet length covert channels. We discovered that packet length covert channels, where a rogue user modulates the length of a Transport Control Protocol packet, can ...
Shaffer, Alan B. (2008);Unauthorized information flows can result from malicious software exploiting covert channels and overt flaws in access control design. To address this problem, we present a precise, formal definition for information ...