Segurança da informação
MCI 2015/2016
Covert channels
Henrique Silva
Laura Lopes
1. Segurança informática
Breve enquadramento teórico
2. Covert channels
Conceito
http://fas.org/irp/nsa/rainbow/tg030.htm#2.0
1973 Lampson Covert channels, i.e. those not intended for information transfer at all, such
as the service program's effect on the system load.
da "Nota sobre o Confinamento problema" que introduziu o termo "canais secretos" mas
restrito seu uso a uma subclasse de canais de fuga que excluía canais de armazenamento e
canais "legítimas". Hoje em dia, que chamamos de canais de armazenamento e canais de
temporização secretas canais, e canais de atendimento legítimo exemplos de informações
escondendo.
1984 Simmons - concept of subliminal channel through steganography
1987 Girling - network covert channels
Definition 1 - A communication channel is covert if it is neither designed nor
intended to transfer information at all. [Lampson73] (Note: Lampson's definition of
covert channels is also presented in [Huskamp78].)
Definition 2 - A communication channel is covert (e.g., indirect) if it is based on
"transmission by storage into variables that describe resource states." [Schaefer77]
Definition 3 - Covert channels "will be defined as those channels that are a result of
resource allocation policies and resource management implementation."
[Huskamp78] (Note: The computing environment usually carries out resource
allocation policies and implementation.)
Definition 4 - Covert channels are those that "use entities not normally viewed as
data objects to transfer information from one subject to another." [Kemmerer83]
Definition 5 - Given a nondiscretionary (e.g., mandatory) security policy model M
and its interpretation I(M) in an operating system, any potential communication
between two subjects I(Sh) and I(Si) of I(M) is covert if and only if any
communication between the corresponding subjects Sh and Si of the model M is
illegal in M. [Tsai90]
3. Características
A covert channel is so called because it is hidden from the access control mechanisms of ultra­high­assurance secure operating systems since it does not use the legitimate data transfer mechanisms of the computer system such as read and write, and therefore cannot be detected or controlled by the hardware based security mechanisms that underlie ultra­high­assurance secure operating systems. Covert channels are exceedingly hard to install in real systems, and can often be detected by monitoring system performance; in addition, they suffer from a low ​
signal­to­noise ratio and low data rates (on the order of a few bits per second). They can also be removed manually with a high degree of assurance from secure systems by well established covert channel analysis strategies.
Steganography ​
is the practice of concealing a file, message, image, or video within another file, message, image, or video.
4. Limitações
● Noise
● Bandwith
5. Tipos
Storage Channels
Timing Channels
6.
Exemplos
ICMP­Chat
7. Referências bibliográficas
[Girling87] Covert channels in LAN's - C. G. Girling IEEE Transactions on Software
Engineering, 1987
[Rowland96] Covert channels in the TCP/IP protocol suite - C. H. Rowlan
http://www.firstmonday.dk/issues/issue2_5/rowland/