Chapter 17: Confinement Problem - PowerPoint PPT Presentation


Transcript and Presenter's Notes


1
Chapter 17: Confinement Problem
  • Dr. Wayne Summers
  • Department of Computer Science
  • Columbus State University
  • Summers_wayne_at_colstate.edu
  • http://csc.colstate.edu/summers

2
The Confinement Problem
  • Confinement problem: preventing a server from
    leaking information that the user of the service
    considers confidential
  • Server must ensure that resources accessed on
    behalf of the client only include resources that
    client is authorized to access
  • Server must ensure that it does not reveal
    client's data to any other unauthorized entity
  • Covert channel: path of communications not
    designed for communication
  • Rule of transitive confinement: if confined
    process invokes a second process, the second
    process must be as confined as the caller

3
Isolation
  • Virtual machine: program that simulates the
    hardware of a computer system
  • Sandbox: environment in which the actions of the
    process are restricted according to a security
    policy

4
Covert Channels
  • Covert storage channel: uses an attribute of the
    shared resource
  • Covert timing channel: uses a temporal or ordering
    relationship among accesses to a shared resource
  • Noiseless covert channel: covert channel that
    uses a resource available to only the sender and
    receiver
  • Noisy covert channel: covert channel that uses a
    resource available to subjects in addition to the
    sender and receiver

5
Covert Channels
  • Requirements of covert storage channel:
      • Sending and receiving processes have access to
        the same attribute of a shared object
      • Sending process is able to modify the attribute
        of the shared object
      • Receiving process is able to reference the
        attribute of the shared object
      • Mechanism must exist for initiating both
        processes, and properly sequencing the respective
        accesses to the shared resource
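
Added example (not part of the original slides): a simplified audit in the style of a shared resource matrix that applies the first three storage-channel requirements above to a system description and lists the attributes a reviewer should examine. The operations, attributes and role names (`high`, `low`, `admin`) are constructed for illustration, and only direct references are considered.

```python
from collections import namedtuple

# One row per operation: who may invoke it, which attributes it references
# (reads) and which it modifies.
Op = namedtuple("Op", "invokers references modifies")

# Constructed sample system: "high" is the confined process, "low" is an
# observer that must not learn anything from it.
OPS = {
    "write_file":   Op({"high"},        set(),             {"file_contents", "file_size"}),
    "read_file":    Op({"high"},        {"file_contents"}, set()),
    "stat_file":    Op({"high", "low"}, {"file_size"},     set()),
    "lock_file":    Op({"high", "low"}, {"lock_state"},    {"lock_state"}),
    "alloc_blocks": Op({"high"},        {"disk_free"},     {"disk_free"}),
    "get_quota":    Op({"low"},         {"disk_free"},     set()),
    "set_label":    Op({"admin"},       set(),             {"label"}),
    "read_label":   Op({"high", "low"}, {"label"},         set()),
}

def candidate_storage_channels(ops, sender, receiver):
    """Return {attribute: (modifying_ops, referencing_ops)} for each attribute
    the sender can modify and the receiver can reference (requirements 1-3).
    The last requirement (initiation and sequencing) is left to the reviewer."""
    attributes = set()
    for op in ops.values():
        attributes |= op.references | op.modifies
    found = {}
    for attr in sorted(attributes):
        mods = sorted(name for name, op in ops.items()
                      if sender in op.invokers and attr in op.modifies)
        refs = sorted(name for name, op in ops.items()
                      if receiver in op.invokers and attr in op.references)
        if mods and refs:
            found[attr] = (mods, refs)
    return found

if __name__ == "__main__":
    for attr, (mods, refs) in candidate_storage_channels(OPS, "high", "low").items():
        print(f"{attr}: modified via {mods}, referenced via {refs} "
              "-> check sequencing requirement, then restrict or audit")
```

In the sample, `file_contents` is not flagged because `low` cannot invoke any operation that references it, while `file_size`, `lock_state` and `disk_free` are flagged even though no operation was designed to pass data between the two roles.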

6
Covert Channels
  • Requirements of covert timing channel:
      • Sending and receiving processes have access to
        the same attribute of a shared object
      • Sending and receiving processes must have access
        to a time reference (e.g. clock, timer)
      • Sending process must be able to control the
        timing of the detection of a change in the
        attribute by the receiving process
      • Mechanism must exist for initiating both
        processes, and properly sequencing the respective
        accesses to the shared resource