共查询到20条相似文献,搜索用时 156 毫秒
1.
2.
隐通道分析是研究高安全性计算机系统不可回避的问题。本文系统介绍了隐通道的概念,着重阐述基于信息流的存储隐通道标识方法,讨论该方法中的关键问题和重要细节。 相似文献
3.
一种隐通道威胁审计的度量方法 总被引:4,自引:0,他引:4
隐通道分析是高等级可信评估的重要指标,在TCSEC、CC和我国的GB17859-1999等标准中均有相关要求.隐通道的威胁审计是隐通道分析的重要组成部分,目前一般使用TCSEC的纯带宽标准,但它并不能全面反映出隐通道的威胁.通过形式化地定义隐通道,研究其可量化属性,分析其空间拓扑结构,建立了一个用于隐通道计算的代数系统.通过引入威胁度和威胁率两个概念给出了一种新的威胁审计度量方法,新方法与已有的纯带宽方法兼容,能够从多个不同的角度对隐通道的威胁程度进行较为全面的度量.进一步,在隐通道代数系统的支持下给出了审计中有关问题的计算方法,形成了一套完整的隐通道威胁审计度量体系. 相似文献
4.
该文提出了一类数据库系统所特有的隐通道一利用引用完整性约束传送信息的隐通道,分析了它们的带宽,并提出了处理这类隐通道的方法。 相似文献
5.
介绍了 Red Hat L inux环境下的目录结构隐通道 ,对该隐通道的理论带宽进行了计算 ,并对串行聚合隐通道的带宽进行了测试 .测试结果表明聚合隐通道造成的信息泄露更为严重 ,对此不可忽视 相似文献
6.
7.
一、前言在多用户计算机系统中,经授权对共享资源进行存取控制是很重要的。存取控制问题可以用一种用户层次结构描述。层次结构中的存取控制问题本质上是密钥分配方案的选择问题。 1983年,AKL和TAYLOR首先给出了一种基于层次结构的存取控制方案。在该方案中,在t_i整除t_j(记为t_i/t_j)的前提下,当且仅当sc_j≤sc_i,可为每一个安全类分配一可公开的整数t_i,那么,sc_i可按sk_i=(mod m)sk_(o~i)~t计算出密钥sk_i。这里sk_o是认证中心(CA)密钥;m是一对保密的大素数的积。 相似文献
8.
处理器与存储器之间的带宽差距越来越大,存储器带宽已经严重限制了计算机性能的有效提高。California大学贩IRAM(Intelligent RAM)计算机系统结构在单个DRAM芯片中集成一定逻辑功能,能有效解决这一问题,代表了体系结构研究的一个新方向。 相似文献
9.
一个安全操作系统S—UNIX的研究与设计 总被引:2,自引:0,他引:2
S-UNIX是一个基于UNIX的安全操作系统,其目标是TCSEC的B2级以上且保持与UNIX的兼容性,本文从存取控制、审计、可信进程管理、病毒防御、隐通道分析处理、可信通路建立六个方面,介绍了S-UNIX的研究与设计,S-UNIX基本系统在386微机上初步运行表明,它极大地提高了UNIX的安全性,并能够保持与UNIX的兼容性。 相似文献
10.
11.
Yu Tai Wei Hu Hui-Xiang Zhang De-Jun Mu Xing-Li Huang 《Automatic Control and Computer Sciences》2016,50(5):361-368
Vulnerabilities such as design flaws, malicious codes and covert channels residing in hardware design are known to expose hard-to-detect security holes. However, security hole detection methods based on functional testing and verification cannot guarantee test coverage or identify malicious code triggered under specific conditions and hardware-specific covert channels. As a complement approach to cipher algorithms and access control, information flow analysis techniques have been proved to be effective in detecting security vulnerabilities and preventing attacks through side channels. Recently, gate level information flow tracking (GLIFT) has been proposed to enforce bittight information flow security from the level of Boolean gates, which allows detection of hardware-specific security vulnerabilities. However, the inherent high complexity of GLIFT logic causes significant overheads in verification time for static analysis or area and performance for physical implementation, especially under multilevel security lattices. This paper proposes to reduce the complexity of GLIFT logic through state encoding and logic optimization techniques. Experimental results show that our methods can reduce the complexity of GLIFT logic significantly, which will allow the application of GLIFT for proving multilevel information flow security. 相似文献
12.
安胜安全操作系统的隐蔽通道分析 总被引:13,自引:0,他引:13
安胜安全操作系统是自主研制的基于Linux的高安全等级安全操作系统,包括安全内核,安全架构与安全模型.总结了对该系统进行的隐蔽通道分析方法,首次报道基于Linux内核开发的安全操作系统的隐蔽通道分析结果.应用新型的"回溯方法"发现了某些新的隐蔽通道.对被标识的隐蔽通道,准确地计算了它们的带宽,并进行了适当的隐蔽通道处理. 相似文献
13.
In case there is a communication contrary to the system security policies, a covert channel has been created. The attacker can easily disclosure information from the victim’s system with just one public access permission. Covert timing channels, unlike covert storage channels, do not have memory storage and they draw less attention. Different methods have been proposed for their identification, which generally benefit from the shape of traffic and the channel’s regularity. The application nature of HTTP protocol allows the creation of a covert timing channel based on different features of this protocol (or different levels) that has not been addressed in previous researches. This research tries to study the effect of using different features (or levels) of HTTP protocol on identifying the covert channel. The amount of channel’s entropy could be manipulated by changing the channel’s level or adding intentional noise on the channel to protect from the analyzer’s detection. The difference in the placement of the covert channel and the detector causes the amount of channel entropy to be far from the detection threshold. Therefore, we concluded that the analyzer must investigate traffic at all possible levels. Adding noise on the covert channel decrease its capacity, but as entropy increases, it would be harder to detect it.
相似文献14.
Virtualization technology has become very popular because of better hardware utilization and easy maintenance. However, there are chances for information leakage and possibilities of several covert channels for information flow between the virtual machines. Our work focuses on the experimental study of security threats in virtualization, especially due to covert channels and other forms of information leakage. The existence of data leakage during migration shutdown and destruction of virtual machines, is tested on different hypervisors. For empirically showing the possibility of covert channels between virtual machines, three new network based covert channels are hypothesized and demonstrated through implementation, on different hypervisors. One of the covert channels hypothesized is a TCP/IP steganography based covert channel. Other covert channels are a timing covert channel and a new network covert channel having two pairs of socket programs. We propose a VMM (Virtual Machine Monitor) based network covert channel avoidance mechanism, tackling detection resistant covert channel problems. We also address issue of reducing the possibilities of network based covert channels using VMM-level firewalls. In order to emphasize the importance of addressing the issue of information leakage through virtual machines, we illustrate the simplicity of launching network covert channel based attacks, by demonstrating an attack on a virtual machine using covert channels through implementation. 相似文献
15.
Advanced transaction processing in multilevel secure file stores 总被引:4,自引:0,他引:4
Bertino E. Jajodia S. Mancini L. Ray I. 《Knowledge and Data Engineering, IEEE Transactions on》1998,10(1):120-135
The concurrency control requirements for transaction processing in a multilevel secure file system are different from those in conventional transaction processing systems. In particular, there is the need to coordinate transactions at different security levels avoiding both potential timing covert channels and the starvation of transactions at higher security levels. Suppose a transaction at a lower security level attempts to write a data item that is being read by a transaction at a higher security level. On the one hand, a timing covert channel arises if the transaction at the lower security level is either delayed or aborted by the scheduler. On the other hand, the transaction at the high security level may be subjected to an indefinite delay if it is forced to abort repeatedly. This paper extends the classical two-phase locking mechanism to multilevel secure file systems. The scheme presented here prevents potential timing covert channels and avoids the abort of higher level transactions nonetheless guaranteeing serializability. The programmer is provided with a powerful set of linguistic constructs that supports exception handling, partial rollback, and forward recovery. The proper use of these constructs can prevent the indefinite delay in completion of a higher level transaction, and allows the programmer to trade off starvation with transaction isolation 相似文献
16.
随着信息技术的发展,网络通信安全已经成为安全领域的一个重要内容。本文详细介绍了三种基于TCP/IP包头信息隐蔽传输数据的方法,并就Windows平台阐述了利用TCP/IP包头进行信息隐蔽传输的实现。 相似文献
17.
随着信息技术的发展,网络通信安全已经成为安全领域的一个重要内容。本文详细介绍了三种基于TCP/IP包头信息隐蔽传输数据的方法,并就Windows平台阐述了利用TCP/IP包头进行信息隐蔽传输的实现。 相似文献
18.
19.
网络时间隐通道以违反安全策略的形式传递信息且以难以检测,为了减少不必要的安全隐患,网络时间隐通道的检测已成为网络安全领域亟需解决的问题。针对现有检测方法仅反映一维特征的缺陷,提出一种基于二维图像特征的网络时间隐通道的检测方法,通过将网络流隐蔽通道在时间轴上的特性关系反映到二维图像的纹理特性上,进而通过基于灰度共生矩阵的纹理特征描述方法实现网络时间隐通道检测。研究结果表明该方法可以显著提高网络隐通道的检测效率和准确率。 相似文献
20.
为了满足日益增多且机密性要求很高的情报传输需求,急需提出新的隐蔽通信方式。隐蔽通信技术需要满足的性能包括安全性和隐藏率。与此同时,区块链技术具有去中心化、匿名性、可追溯且分布式记账等特点,比特币是最为经典且普及的区块链货币应用。因此,本文提出了利用比特币的P2P网络广播机制和交易机制构造了BDTX(Broadcast-Transaction,广播-交易)隐蔽信道;利用比特币的节点连接机制构造ADDR(ADDR,地址广播)隐蔽信道。对两种隐蔽信道分别进行了详细介绍,分析了两种隐蔽信道的安全性和隐藏率,并将其与传统IP隐蔽信道进行对比。两种隐蔽信道的安全性相比传统IP网络隐蔽信道都有提高。 相似文献