I do not think that the concept of covert channel has to be related with Trusted Systems, there are a lot of examples where there is a covert channel and no trusted system in place (I think this is true for most of the cases since trusted system usage and deployment is not "extensive"). A few definitions of covert channel I found: "covert channel: 1. A transmission channel that may be used to transfer data in a manner that violates security policy. [2382-pt.8] 2. [An] unintended and/or unauthorized communications path that can be used to transfer information in a manner that violates an information system (IS) security policy. [INFOSEC-99]" (http://www.atis.org/tg2k/_covert_channel.html) "Covert Channel - A communication channel that allows a process to transfer information in a manner that violates the system's security policy. See also: Covert Storage Channel, Covert Timing Channel." (http://www.kernel.org/pub/linux/libs/security/Orange-Linux/refs/Orange/ Orange0-5.html) "A covert channel means a communication channel that allows an information flow contrary to the security requirements. There is a distinction between time and storage channels. A time channel is a communication path utilizing the time behavior of the system for the system for the transmission of information. A storage channel utilizes the (finite) resources of a computer." (http://www.informatik.uni-bremen.de/gdpa/methods/m-acc.htm) So in essence a covert channel is an unintended and/or unauthorized communication path to transfer information as I see it, whether there is a trusted system in place or not. The concept of security policy appears in some of the definitions and I think it is important to formalize the existence of authorized and unauthorized communications. Omar Herrera -----Original Message----- From: Richard Masoner [mailto:richardmasonerat_private] Sent: Miércoles, 23 de Octubre de 2002 01:57 p.m. To: Michal Zalewski; Frank Knobbe Cc: vuln-devat_private; pen-testat_private Subject: RE: Covert Channels I've only been following this thread peripherally, but isn't covert channel discussion limited to analyzing the assurance of Trusted Systems? Perhaps my view is limited since Trusted System development is something I've done, but it seems to me that this thread has been on steganography instead of covert channels of communication. On a trusted system, for example, a user isn't going to modify the IP header to steganographically send secret information, because he can't. In the Trusted Systems world, covert channel analysis and detection is something that is done, and in that community it's considered science, not snake oil. Part of covert channel detection, for example, might be flagging a user who copies text from an X window and pastes that text into an X window that's at a lower privilege level. Richard Masoner __________________________________________________ Do you Yahoo!? Y! Web Hosting - Let the expert host your web site http://webhosting.yahoo.com/
This archive was generated by hypermail 2b30 : Wed Oct 23 2002 - 14:44:44 PDT