Sciweavers

ACSAC
2002
IEEE

A Practical Approach to Identifying Storage and Timing Channels: Twenty Years Later

13 years 8 months ago
A Practical Approach to Identifying Storage and Timing Channels: Twenty Years Later
Secure computer systems use both mandatory and discretionary access controls to restrict the flow of information through legitimate communication channels such as files, shared memory and process signals. Unfortunately, in practice one finds that computer systems are built such that users are not limited to communicating only through the intended communication channels. As a result, a well-founded concern of security-conscious system designers is the potential exploitation of system storage locations and timing facilities to provide unforeseen communication channels to users. These illegitimate channels are known as covert storage and timing channels. Prior to the presentation of this paper twenty years ago the covert channel analysis that took place was mostly ad hoc. Methods for discovering and dealing with these channels were mostly informal, and the formal methods were restricted to a particular specification language. This paper presents a methodology for discovering storage ...
Richard A. Kemmerer
Added 14 Jul 2010
Updated 14 Jul 2010
Type Conference
Year 2002
Where ACSAC
Authors Richard A. Kemmerer
Comments (0)