| Due to the international Internet community, open, personalized features, made it to the sharing of information resources and technology sharing with people at the same time, insecurity has brought the hidden dangers which include covert channels.Process with low security level apperceives the information from process with higher security level via its status transfer and environment changes. The method used by covert channels to send message is perceptional. It's a kind of logic operation, so it needn't pass the inspection of security model. This character of covert channel makes the traditional covert channel analysis method, which based on top level specification or source code, not find this kind of covert channels. Whereas an algorithm for the existence of information awareness based on structed operational semantics proposed in this paper, could solve this kind of problem effectively. The concrete works of this dissertation can be summarized follow as:This paper formally defined every factors of covert channel and presented information transfer mechanism as automaton, and analyzed the mechanism of information transfer among subjects changing values of shared object attributes,and presented a kind of information awareness model to describe this mechanism.Based on label transformation system to describe access object by subject with high and lower security level respectively, an algorithm for the existence of information awareness was given. how subject with low security level can deduce information from subject with higher security level is illustrated by an instance .Algorithm for the existence of information awareness in two-subject system expanded into algorithm in multi-subject system.Firstly,the key factors of which impacted the information awareness were analyzed, such as the sequence of access object, the type of access object,the attribute of access object.Then according to impact caused by the third subject, sequence of multi-subject access object were devided into some independent sequences,and algorithm for the existence of information awareness in two-subject system was called by every independent sequence of access object.This paper assumes that a trusted computer system fulfilled security model entirely after implementation. That is to say, covert channels emerged on scenario of information awareness only. So an important characteristic is concluded, i.e. the keystone of covert channel analysis lies in identify the scenario of information awareness instead of conduct grammatical analysis for all information transfer mechanism. |
PDF Full Text Request