Title :
Auditing the use of covert storage channels in secure systems
Author :
Shieh, Shiuh-Pyng W. ; Gligor, Virgil D.
Author_Institution :
Dept. of Electr. Eng., Maryland Univ., College Park, MD, USA
Abstract :
Requirements for auditing covert storage channels are defined, and some fundamental problems which appear in most computer systems are illustrated. It is argued that audit subsystems designed to minimally satisfy the TCSEC (the DoD Trusted Computer System Evaluation Criteria) requirement are unable to detect many instances of covert channel use, and hence require major design and implementation changes before they are able to detect all use of covert storage channels. The design of the Secure Xenix tool for covert-channel audit that has been in operation since July 1989 is presented. Results of experiments indicate that the tool is able to detect all use of covert storage channels without raising false alarms
Keywords :
security of data; DoD Trusted Computer System Evaluation Criteria; Secure Xenix tool; TCSEC; auditing; computer systems; covert storage channels; secure systems; Computer security; Computerized monitoring; Educational institutions; Laboratories; Petroleum; Secure storage; Trademarks;
Conference_Titel :
Research in Security and Privacy, 1990. Proceedings., 1990 IEEE Computer Society Symposium on
Conference_Location :
Oakland, CA
Print_ISBN :
0-8186-2060-9
DOI :
10.1109/RISP.1990.63858