Title: Computer and Network Security Lecture 4 Richard Newman
1 Computer and Network Security Lecture 4
Richard Newman
- Covert channels
  - Broad definition
    - Mechanism by which a process may transmit data to another process in unconventional and (pretty much) non-obvious ways.
  - Narrow definition
    - In a multilevel secure system, a non-conventional way (not usually monitored/mediated by the reference monitor) for a high-level process to communicate to a low-level process.
  - Classification
    - Timing channels (modulation of resource utilization)
    - Storage channels (alteration of the state of system variables)
- Example of a timing channel
  - Two processes share a resource (here the CPU) to communicate
  - Long interval: 1; short interval: 0
  - CPU usage: Hi uses its full time quantum if 1, or voluntarily releases the CPU if 0
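[Figure: two CPU schedules of alternating Hi and Lo time slices. First panel: normal CPU schedule. Second panel: Hi communicating to Lo by releasing its time quantum earlier for a 0 and using its full time quantum for a 1; slices are labelled 1, 1, 0, 0, with one interval marked from $t_1$ (start) to $t_2$ (end) and another from $t_3$ to $t_4$.]
  - $t_2 - t_1 > q_1 \Rightarrow 1$
  - $t_4 - t_3 < q_0 \Rightarrow 0$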
- Example of a storage channel
  - Fill table FULL
    - Hi fills FT -> FT = 1
    - Hi opens a space in FT -> FT = 0
  - Lo tries to create a new file
    - if FAIL -> 1
    - if SUCCEED -> 0, and delete the file
  - Semaphores and locks can also be used
- Controls
  - Find covert channels (using a shared resource matrix, examining using a compiler), estimate capacity, handle them
  - Fixed allocation for low/medium/high - partition resources
  - Reallocate the quantum for low
  - Purposely introduce noise
  - Change the allocation
  - Mode based security
    - Do not allow Hi to change modes in any fashion. Allow Hi to change mode only step by step.
    - If there are $P$ partition values, then there can be $\log_2 P$ bits/symbol
    - If only $F$ mode changes/second are allowed, then only $F \log_2 P$ bits/sec can be conveyed.
- Identifying potential covert channels using a Shared Resource Matrix
  - Construct a Shared Resource Matrix for the process concerned

                         Service process   Spy's process
      Data file A        R,M               R,M
      Confidential data  R

  - Check for a pattern like the one shown below.
  - If such a pattern exists, then the service process can pass information to the spy's process.
  - In the above example, the service process can read confidential data and write it to file A, which can be read by the spy's process.

      M   R
      R
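The pattern check above, written out as an added example (not code from the lecture). It treats R as "can read" and M as "can modify", and it goes one step beyond the slide's two-process pattern by taking the transitive closure, so a flow relayed through a third process is also reported. The names find_flows, SLIDE_MATRIX and RELAY_MATRIX, and the relay scenario itself, are constructed for illustration.

```python
# Added example (not from the lecture): scan a shared resource matrix for
# potential information flows. "R" = can read, "M" = can modify.

# The matrix from the slide above.
SLIDE_MATRIX = {
    "Data file A": {"Service process": {"R", "M"}, "Spy's process": {"R", "M"}},
    "Confidential data": {"Service process": {"R"}},
}

# Constructed three-process case: Spy shares no resource with Service,
# but Relay carries the data one more hop.
RELAY_MATRIX = {
    "Confidential data": {"Service": {"R"}},
    "Data file A": {"Service": {"R", "M"}, "Relay": {"R"}},
    "Log file": {"Relay": {"M"}, "Spy": {"R"}},
}


def find_flows(matrix):
    """Map (resource, process) -> hops for every resource a process can
    learn about without direct R access. Each hop is (writer, carrier)."""
    # Direct readers start with an empty hop list.
    knows = {(res, proc): []
             for res, cells in matrix.items()
             for proc, access in cells.items() if "R" in access}
    changed = True
    while changed:  # transitive closure: stop when no new flow appears
        changed = False
        for (res, writer), hops in list(knows.items()):
            for carrier, cells in matrix.items():
                if carrier == res or "M" not in cells.get(writer, ()):
                    continue  # writer cannot encode res into this carrier
                for reader, access in cells.items():
                    if (reader != writer and "R" in access
                            and (res, reader) not in knows):
                        knows[(res, reader)] = hops + [(writer, carrier)]
                        changed = True
    return {key: hops for key, hops in knows.items() if hops}


if __name__ == "__main__":
    for name, matrix in (("slide", SLIDE_MATRIX), ("relay", RELAY_MATRIX)):
        for (res, proc), hops in find_flows(matrix).items():
            route = " -> ".join(f"{w} writes {c}" for w, c in hops)
            print(f"[{name}] {proc} can learn {res!r}: {route}")
```

Each reported flow is only a potential channel; whether it violates policy depends on the security levels of the processes involved.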
- Controls against program threats
  - Programming controls
    - Description of programming task
    - Peer reviews
    - Modularity, encapsulation and information hiding
    - Independent testing
    - Configuration management
    - Proofs of program correctness
    - Process improvement
- Controls against program threats (continued)
  - Operating system controls
    - Trusted software
    - Mutual suspicion
    - Confinement
    - Access log
  - Administrative controls
    - Enforcement of standards
    - Separation of duty
    - Physical and timing separation
  - Other controls
    - Firewalls
    - Cryptography