Auditing the use of covert storage channels in secure systems

Shiuhpyng Shieh*, Virgil D. Gligor

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

10 Scopus citations

Abstract

Requirements for auditing covert storage channels are defined, and some fundamental problems which appear in most computer systems are illustrated. It is argued that audit subsystems designed to minimally satisfy the TCSEC (the DoD Trusted Computer System Evaluation Criteria) requirement are unable to detect many instances of covert channel use, and hence require major design and implementation changes before they are able to detect all use of covert storage channels. The design of the Secure Xenix tool for covert-channel audit that has been in operation since July 1989 is presented. Results of experiments indicate that the tool is able to detect all use of covert storage channels without raising false alarms.

Original languageEnglish
Title of host publication1990 IEEE Comput Soc Symp Res Secur Privacy
Editors Anon
PublisherPubl by IEEE
Pages285-295
Number of pages11
ISBN (Print)0818620609
DOIs
StatePublished - 1 Jan 1990
Event1990 IEEE Computer Society Symposium on Research in Security and Privacy - Oakland, CA, USA
Duration: 7 May 19909 May 1990

Publication series

NameProceedings of the Symposium on Security and Privacy

Conference

Conference1990 IEEE Computer Society Symposium on Research in Security and Privacy
CityOakland, CA, USA
Period7/05/909/05/90

Fingerprint Dive into the research topics of 'Auditing the use of covert storage channels in secure systems'. Together they form a unique fingerprint.

Cite this