Searching Covert Channels In Linux Kernel Based On Shared Resource Matrix Method

With the arrival of the global information age, information technology has been widely and deeply applied in every walk of life. During such a period, work for guaranteeing information security, especially the security of basic network, key information systems and contents, has become a major issue to be solved, and the security problems of operating systems, network and database systems occupy the central position of it. Because all the other software systems work based on operating systems, their security credibility cannot be guaranteed without the support of secure opeating system.Research on covert channels has always been a highlight in the research field of secure opearting system. Thus, it has been selected as the research goal in this paper to search covert channels in Linux kernel based on its source codes. The definitions of covert channels are firstly discussed with some relevant points which will be focused on in searching and analyzing covert channels. Some different covert channel identification methods and their pros and cons are analyzed, and shared resource matrix method is chosen to search covert channels in Linux Kernel. Then a new realization of shared resource matrix transitive closure computation algorithm is given which is the improvement and optimization of previous realizations. And the new realization is compared with previous realizations on algorithmic complexity and statistics.In addition, the shared resource matrix must be constructed before the transitive closure computation. But due to the huge amount and complexity of source codes files, it is very difficult to construct the shared resource matrix. So, how to determine the analysis scope of source codes has become the most critical issue. Therefore, the Makefile architecture of latest version is analyzed and discussed based on source codes of Linux kernel v2.6.37. The organizational structure of Linux kernel and their source codes files are analyzed, and the syntax, format, predefined internal variables and etc. in the new version Makefile files are studied in order to make interdependent relations clear among different source codes files and simplify the procedure of searching covert channels in Linux kernel.Finally, the research work in this paper is summarized while further research directions are pointed out.