A GUIDE TO UNDERSTANDING COVERT CHANNEL ANALYSIS OF TRUSTED SYSTEMS

Keywords covert analysis channel analysis trusted systems covert channel
Standards groups

This document provides guidance to vendors on what types of analyses they should carry out for identifying and handling covert channels in their systems, and to system evaluators and accreditors on how to evaluate the manufacturer's analysis evidence. Note, however, that the only measure of TCSEC compliance is the TCSEC. This guide contains suggestions and recommendations derived from TCSEC objectives but which are not required by the TCSEC.
This guide is not a tutorial introduction to any topic of CCA. Instead, it is a summary of analysis issues that should be addressed by operating systems designers, evaluators, and accreditors to satisfy the requirements of the B2-A1 classes. Thus, we assume the reader is an operating system designer or evaluator already familiar with the notion of covert channels in operating systems. For this reader, the guide defines a set of baseline requirements and recommendations for the analysis and evaluation of covert channels. For the reader unfamiliar with CCA techniques used to date, the following areas of further documentation and study may be useful:
Mandatory security models and their interpretation in operating systems [Bell and La Padula76, Biba77, Denning83, Gasser88, Honeywell85a, Honeywell85b, Luckenbaugh86, Rushby85, Walter74];
Experience with covert channel identification reported in the literature to date [Benzel84, Haigh87, He and Gligor90, Karger and Wray91, Kemmerer83, Lipner75, Loepere85, Millen76, Millen81, Millen89b, Schaefer77, Tsai90, Wray91];
Bandwidth estimation techniques using standard information theory [Huskamp78, Millen89a, Shannon and Weaver64]; informal bandwidth estimation techniques [Tsai and Gligor88];
Covert channel handling techniques [Schaefer77, Shieh and Gligor90, Hu91]; and
Other TCSEC guidelines relevant to covert channel handling [NCSC Audit, NCSC Testing].
The reader who is intimately familiar with CCA techniques may want to refer only to the sections on the "TCSEC Requirements and Recommendations" (i.e., Sections 3.4, 4.3, and 6.1) and on "Satisfying the TCSEC Requirements for Covert Channel Analysis" (Chapter 7).

Metadata
Document identifier: NCSC-TG-030
Version: 1
Date published: 2019-02-27
Document type: trainer's guide
Pages: 56
File: Covert Channel Analysis.pdf (MIME type: application/pdf; size: 548.89 KB; language: English)