Electrical & Electronic Engineering |
|
|
|
|
Integrated criteria for covert channel auditing |
Chang-da WANG, Shi-guang JU |
School of Computer Science and Telecommunications Engineering, Jiangsu University, Zhenjiang 212013, China; School of Computer Science, Carleton University, Ottawa, Ontario K1S 5B6, Canada |
|
|
Abstract A new concept, the security level difference of a covert channel, is presented, which means the security level span from the sender to the receiver of the covert channel. Based on this, the integrated criteria for covert channel auditing are given. Whereas TCSEC (Trusted Computer System Evaluation Criteria) or CC (Common Criteria for Information Technology Security Evaluation) only use the bandwidth to evaluate the threat of covert channels, our new criteria integrate the security level difference, the bandwidth sensitive parameter, bandwidth, duration and instantaneous time of covert channels, so as to give a comprehensive evaluation of the threat of covert channels in a multilevel security system.
|
Received: 24 September 2007
|
|
|
Viewed |
|
|
|
Full text
|
|
|
|
|
Abstract
|
|
|
|
|
Cited |
|
|
|
|
|
Shared |
|
|
|
|
|
Discussed |
|
|
|
|