Access the full text.
Sign up today, get DeepDyve free for 14 days.
References for this paper are not available at this time. We will be adding them shortly, thank you for your patience.
A note on the Relationship Between Covert Channels and Application Verification David Slater Computer Sciences Corporation Abstract: The purpose of this paper is to present a warning that covert channels even at very low bandwidths can be a significant threat in conjuction with sufficiently sophisticated "trojan horses". According to DOD 5200,28-STD (the orange book) covert channels with a bandwidth of under I bit per ten seconds need not even be audited in a trusted system. While this seems reasonable it is easy to imagine scenarios where covert channels with a flow rate much lower than this may indeed compromise vital information, if the process from which the flow originates is an intelligent trojan horse. Consider the following scenario: A trusted multi-level secure strategic logistics system with a trojan horse which is an expert system capable of detecting whether there are troop and supply movements planned, which would allow offensive action within the next week. A convert channel with the rate of one bit per day, which each day transmits this information from the expert trojan horse to an insecure process would certainly be of great value in strategic planning. In summary, when considering the maximum bandwidth requirements on convert channels, it is necessay to consider this in line with the type of information available to processes running at the higher security levels, and the degree of trust that one has in these applications. please note: Mr Slater's address is: Computer Sciences Corporation Systems Division 6565 Arlington Boulevard Falls Church, Virginia 22046 The Editor
ACM SIGSAC Review – Association for Computing Machinery
Published: Jan 1, 1987
You can share this free article with as many people as you like with the url below! We hope you enjoy this feature!
Read and print from thousands of top scholarly journals.
Already have an account? Log in
Bookmark this article. You can see your Bookmarks on your DeepDyve Library.
To save an article, log in first, or sign up for a DeepDyve account if you don’t already have one.
Copy and paste the desired citation format or use the link below to download a file formatted for EndNote
Access the full text.
Sign up today, get DeepDyve free for 14 days.
All DeepDyve websites use cookies to improve your online experience. They were placed on your computer when you launched this website. You can change your cookie settings through your browser.