A Guide to Understanding Covert Channel Analysis of Trusted Systems

Front Cover
DIANE Publishing, 1994 - 122 pages
Provides a set of good practices related to covert channel analysis of systems employed for processing classified and other sensitive information. Written to help vendors and evaluators understand covert channel analysis requirements. Contains suggestions and recommendations. Glossary. References. Illustrations
 

What people are saying - Write a review

We haven't found any reviews in the usual places.

Contents

Common terms and phrases

Popular passages

Page 3 - Systems that are used to process or handle classified or other sensitive information must be designed to guarantee correct and accurate interpretation of the security policy and must not distort the intent of that policy.
Page 94 - A means of restricting access to objects based on the sensitivity (as represented by a label) of the information contained in the objects and the formal authorization (ie, clearance) of subjects to access information of such sensitivity.
Page 96 - The totality of protection mechanisms within a computer system - including hardware, firmware, and software - the combination of which is responsible for enforcing a security policy.
Page 14 - Covert Timing Channel - A covert channel in which one process signals information to another by modulating its own use of system resources (eg, CPU time) in such a way that this manipulation affects the real response time observed by the second process.
Page 93 - A covert channel that involves the direct or indirect writing of a storage location by one process and the direct or indirect reading of the storage location by another process. Covert storage channels typically involve a finite resource (eg, sectors on a disk) that is shared by two subjects at different security levels.
Page 95 - Security Policy - The set of laws, rules, and practices that regulate how an organization manages, protects, and distributes sensitive information.
Page 85 - ... informally shown to be consistent with the formal top-level specification (FTLS). The elements of the FTLS shall be shown, using informal techniques, to correspond to the elements of the TCB. Documentation shall describe how the TCB is structured to facilitate testing and to enforce least privilege. This documentation shall also present the results of the covert channel analysis and the tradeoffs involved in restricting the channels. All auditable events that may be used in the exploitation of...
Page 94 - A Top-Level Specification that is written in a formal mathematical language to allow theorems showing the correspondence of the system specification to its formal requirements to be hypothesized and formally proven. Formal Verification...
Page 1 - The criteria are divided into four divisions: D, C, B, and A ordered in a hierarchical manner with the highest division (A) being reserved for systems providing the most comprehensive security. Each division represents a major improvement in the overall confidence one can place in the system for the protection of sensitive information.
Page 94 - A passive entity that contains or receives information. Access to an object potentially implies access to the information it contains. Examples of objects are: records, blocks, pages, segments, files, directories, directory trees, and programs, as well as bits, bytes, words, fields, processors, video displays, keyboards, clocks, printers, network nodes, etc.

Bibliographic information