Lanotte_etal2004
Proceedings
Springer
2004
Information and Communications Security, 6th International Conference, ICICS 2004, Malaga, Spain, October 27-29, 2004, Proceedings
3269
249-261
LanotteRuggero
Maggiolo-SchettiniAndrea
TiniSimone
TroinaAngelo
TronciEnrico
LopezJ.
QingS.
OkamotoE.
Automatic Covert Channel Analysis of a Multilevel Secure Component
The NRL Pump protocol defines a multilevel secure component whose goal is to minimize leaks of information from high level systems to lower level systems, without degrading average time performances. We define a probabilistic model for the NRL Pump and show how a probabilistic model checker (FHP-mur$\varphi$) can be used to estimate the capacity of a probabilistic covert channel in the NRL Pump. We are able to compute the probability of a security violation as a function of time for various configurations of the system parameters (e.g. buffer sizes, moving average size, etc). Because of the model complexity, our results cannot be obtained using an analytical approach and, because of the low probabilities involved, it can be hard to obtain them using a simulator.