Integrated criteria for covert channel auditing

A new concept, the security level difference of a covert channel, is presented, which means the security level span from the sender to the receiver of the covert channel. Based on this, the integrated criteria for covert channel auditing are given. Whereas TCSEC (Trusted Computer System Evaluation C...

Full description

Saved in:
Bibliographic Details
Published in:Journal of Zhejiang University. A. Science 2008-06, Vol.9 (6), p.737-743
Main Authors: Wang, Chang-da, Ju, Shi-guang
Format: Article
Language:English
Subjects:
Civil Engineering
Classical and Continuum Physics
Engineering
Industrial Chemistry/Chemical Engineering
Mechanical Engineering
信息技术
可信计算机系统
多级安全
Citations: Items that this one cites
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:A new concept, the security level difference of a covert channel, is presented, which means the security level span from the sender to the receiver of the covert channel. Based on this, the integrated criteria for covert channel auditing are given. Whereas TCSEC (Trusted Computer System Evaluation Criteria) or CC (Common Criteria for Information Technology Security Evaluation) only use the bandwidth to evaluate the threat of covert channels, our new criteria integrate the security level difference, the bandwidth sensitive parameter, bandwidth, duration and instantaneous time of covert channels, so as to give a comprehensive evaluation of the threat of covert channels in a multilevel security system.
ISSN:1673-565X
1862-1775
DOI:10.1631/jzus.A071510