Advertisement

The Dilemma of Covert Channels Searching

  • Changda Wang
  • Shiguang Ju
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3935)

Abstract

Covert channel is a famous drawback exists in most of multilevel security systems. Both TESEC and CC standards need covert channel analysis when secure software tries to get the certification of some security levels, i.e. B2 and EAL5 or above in TCSEC and CC, respectively. Search method is one of the most important works with ad hoc characters in covert channels analysis. Though some semi auto tools have been built, peoples who work in this area are eager to develop an auto search tool to find all of covert channels since it was first known in 1973. This paper proves that willingness is a kind of undecidable problems, by which illustrates it’s impossible to build a program which can identify all of covert channels in a security computer system automatically.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Kemmerer, R.A., Porras, P.A.: Covert Flow Trees: A Visual Approach to Analyzing Covert Storage Channels. IEEE Transactions on Software Engineering 17(11), 1166–1184 (1991)CrossRefGoogle Scholar
  2. 2.
    Kemmerer, R.A.: Shared resource matrix methodology: A practical approach to identifying covert channels. ACM Transactions on Computer Systems 1(3), 256–277 (1983)CrossRefGoogle Scholar
  3. 3.
    Wang, C., Ju, S., Guo, D., Yang, Z., Zheng, W.: Research on the methods of search and elimination in covert channel. In: Li, M., Sun, X.-H., Deng, Q.-n., Ni, J. (eds.) GCC 2003. LNCS, vol. 3032, pp. 988–991. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  4. 4.
    Wang, C., Ju, S.: Searching Covert Channels by Identifying Malicious Subjects in the Time Domain. In: 5th IEEE Information Assurance Workshop, U.S.A, June 9-11, 2004, pp. 68–73 (2004)Google Scholar
  5. 5.
    Wang, C., Ju, S.: The minimum criteria of covert channels existence and its application. Journal of Computer Science 32(1), 77–79 (2005)Google Scholar
  6. 6.
    Salomaa, A.: Formal language. ACM Monography Series. Academic Press, New York (1973)zbMATHGoogle Scholar
  7. 7.
    Tsai, C.R., Gligor, V.D., Chandersekaran, C.S.: On the identification of covert storage channels in secure systems. IEEE Transactions on Software Engineering 16(6), 569–580 (1990)CrossRefGoogle Scholar
  8. 8.
    Tsai, C.R., Gligor, V.D., Chandersekaran, C.S.: A formal method for the identification of covert storage channels in source code. In: 1987 IEEE Symposium on Security and Privacy, Oakland, CA, pp. 74–86. IEEE Computer Society Press, Los Alamitos (1987)Google Scholar
  9. 9.

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Changda Wang
    • 1
    • 2
  • Shiguang Ju
    • 1
  1. 1.School of Computer Science and Telecommunications EngineeringJiangsu UniversityZhenjiang, JiangsuChina
  2. 2.School of Computer ScienceCarleton UniversityOttawaCanada

Personalised recommendations