Operating systems and their security are the foundation that underlies and assures the security of information systems. Effective mechanisms for analyzing and handling covert channels inside operating systems are one of the bottlenecks in building operating systems with high security levels. In this paper, several methods for identifying covert channels are studied first: the syntactic information flow method, the semantic information flow method, the shared resource matrix method and the covert flow tree method. A prototype is then designed and implemented that integrates these methods to identify covert channels inside the Linux kernel from its source code. The prototype is tested on the source code of Linux kernel 2.4.18; the potential covert channels it identifies are analyzed in terms of application scenarios, so that some actual covert channels are distilled, and the validity of the prototype and the underlying method is verified. Finally, the work in this paper is summarized and directions for further research are pointed out.