Information Flow Graph: An Approach to Identifying Covert Storage Channels

  • Conference paper
Trusted Systems (INTRUST 2010)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 6802)

Abstract

The paper introduces a technique for detecting covert storage channels using a graph structure called an Information Flow Graph (IFG). The IFG captures the information flows of the system for covert channel detection. By searching the paths of an IFG, operation sequences can be obtained, which enhances the analyst's understanding of the channels. To illustrate the technique, an example system is analyzed and the result is compared to two analysis approaches, the Shared Resources Matrix and the Covert Flow Trees.

Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Song, X., Ju, S., Wang, C., Zhou, C. (2011). Information Flow Graph: An Approach to Identifying Covert Storage Channels. In: Chen, L., Yung, M. (eds) Trusted Systems. INTRUST 2010. Lecture Notes in Computer Science, vol 6802. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-25283-9_6

  • DOI: https://doi.org/10.1007/978-3-642-25283-9_6

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-25282-2

  • Online ISBN: 978-3-642-25283-9

  • eBook Packages: Computer Science, Computer Science (R0)
