Please wait a minute...
ZJUS-A
Journal of Zhejiang University-SCIENCE A (Applied Physics & Engineering)  2008, Vol. 9 Issue (6): 737-743    DOI: 10.1631/jzus.A071510
Electrical & Electronic Engineering     
Integrated criteria for covert channel auditing
Chang-da WANG, Shi-guang JU
School of Computer Science and Telecommunications Engineering, Jiangsu University, Zhenjiang 212013, China; School of Computer Science, Carleton University, Ottawa, Ontario K1S 5B6, Canada
Download:     PDF (0 KB)     
Export: BibTeX | EndNote (RIS)      

Abstract  A new concept, the security level difference of a covert channel, is presented, which means the security level span from the sender to the receiver of the covert channel. Based on this, the integrated criteria for covert channel auditing are given. Whereas TCSEC (Trusted Computer System Evaluation Criteria) or CC (Common Criteria for Information Technology Security Evaluation) only use the bandwidth to evaluate the threat of covert channels, our new criteria integrate the security level difference, the bandwidth sensitive parameter, bandwidth, duration and instantaneous time of covert channels, so as to give a comprehensive evaluation of the threat of covert channels in a multilevel security system.

Key wordsMultilevel security      Covert channel      Covert channel auditing     
Received: 24 September 2007     
CLC:  TP309.2  
Service
E-mail this article
Add to my bookshelf
Add to citation manager
E-mail Alert
RSS
Articles by authors
Chang-da WANG
Shi-guang JU
Cite this article:

Chang-da WANG, Shi-guang JU. Integrated criteria for covert channel auditing. Journal of Zhejiang University-SCIENCE A (Applied Physics & Engineering), 2008, 9(6): 737-743.

URL:

http://www.zjujournals.com/xueshu/zjus-a/10.1631/jzus.A071510     OR     http://www.zjujournals.com/xueshu/zjus-a/Y2008/V9/I6/737

[1] CAI Liang, YANG Xiao-hu, DONG Jin-xiang. Building a highly available and intrusion tolerant database security and protection system (DSPS)[J]. Journal of Zhejiang University-SCIENCE A (Applied Physics & Engineering), 2003, 4(3): 287-293.
[2] CAI Liang, YANG Xiao-hu, DONG Jin-xiang. A reference model for database security proxy[J]. Journal of Zhejiang University-SCIENCE A (Applied Physics & Engineering), 2002, 3(1): 30-36.
[3] HAN Wei-li, CHEN Gang, YIN Jian-wei, DONG Jin-xiang. Consistency maintenance for constraint in role-based access control model[J]. Journal of Zhejiang University-SCIENCE A (Applied Physics & Engineering), 2002, 3(3): 292-297.