Wei-Ming Hu. Reducing timing channels with fuzzy time. In IEEE Symposium on Research in Security and Privacy, May 1991.  Home/Search   Document Not in Database   Summary   Related Articles   Check

....parts of [IntP5] that man ual contains sufficient hints to determine how to understand the feature and make it available. In addi tion, VanG94] provides a more detailed description. High resolution timing, however, is also the key to efficient exploitation of covert timing channels [Hu91]. Fortunately, the Pentlure has a control flag that makes the Read TSC (IDTS) instruction privileged; by mak ing IDT privileged, a TCB can virtualize the TSC to reduce its effectiveness for covert channels. As with any high resolution clock, the TSC must be either virtualized or eliminated ....

Wet-Ming Hu, Reducing Timing Channels with Fuzzy Time, Proceedings of the IEEE Computer Society Symposium on Research in Security and Privacy, Oakland, CA, pages 8-20, 1991.

....available (the news, jokes, etc. There have been IEEE INFORMATION THEORY SOCIETY NEWSLETTER, DECEMBER 1999 102 past attempts to study the information theoretic capacity of other covert channels. For instance a covert resource scheduling channel has been studied in [18] 19] 20] 21] [22], 23] 24] 25] In this channel, Clarice shares a resource (say a CPU) with Hannibal. Hannibal never sends information to Clarice directly, but at certain (messageconveying) times Hannibal overloads the resource thus increasing the response time Clarice observes for her own resource requests. ....

W.M. Hu, "Reducing timing channels with fuzzy time," Proceedings 1991 IEEE Computer Society Symposium on Security and Privacy, pp. 8--20, 1991.

....kernel differed from a typical secure operating system because the subjects and objects are virtual machines and virtual disks, not files and processes, which are implemented by each guest OS. It is worth noting that timing channels in VMMs [33] were addressed in the context of the VAX VMM work [14]. Despite the challenge of timing channel mitigation, VMMs provide a solution to the problem of sharing while running legacy or commercial code securely with firewalling between the VMs managed by a highly secure VMM kernel. The VAX security effort lead to several conclusions: 1) Every ring of a ....

W.-M. Hu. Reducing Timing Channels with Fuzzy Time. In Proceedings 1991 IEEE Symposium on Research in Security and Privacy, pages 8--20. IEEE Computer Society Press, 1991.

....the high level goals specified by the user. Ideas similar to the dynamic adaptive security model proposed in [13] could be used to provide tradeoffs between security and real time performance. There have been several interesting approaches to analyzing and reducing the covert channel bandwidth [6, 8, 10, 14]. While some of those approaches could be used to specify policies to make it difficult to exploit the covert channels that may arise from the trade off, other may not be applicable in real time application. For example, a collection of techniques known as fuzzy time [8,14] is inappropriate in a ....

....bandwidth [6, 8, 10, 14] While some of those approaches could be used to specify policies to make it difficult to exploit the covert channels that may arise from the trade off, other may not be applicable in real time application. For example, a collection of techniques known as fuzzy time [8,14] is inappropriate in a real time setting, since the overall mission may be jeopardized by not getting the exact timing information. In fact, this problem between real time and covert channel was identified in Secure Alpha work [7] They have pointed out that slowing clocks or isolating processes ....

W. -M. Hu. "Reducing Timing Channels with Fuzzy Time," IEEE Symposium on Security and Privacy, Oakland, CA, pp 8-20, May 1991.

....of service) issue. Hence, this component should be able to execute the system s fairness policy [13] and resist any potential misuse, including malicious denial of service attack. 5. Performance: Many one way components intentionally delay the ACK time to reduce the covert channel capacity [6]. However, throughput and latency of this component may be as important as security. Hence, this component should have minimal impact on performance. 6. Flexible implementation: Distributed systems are usually dynamic. New members may be added to the system dynamically, and message traffic of the ....

Hu, W. M. "Reducing timing channels with fuzzy time," Proceedings of IEEE Symposium on Security and Privacy, pp. 8 - 20, Oakland, CA. 1991.

....the ability to perform passive wiretapping. Other cases are not so clear. For example, it is generally believed that timing channels are harder to exploit than storage channels. But there exist high capacity timing channels that are easier to exploit than many low capacity storage channels [Hu91]. Moreover, since we are dealing with an intelligent adversary, the likelyhood of a failure can change according to circumstances. For example, as attackers become more experienced and sophisticated, certain attacks may become more likely. On the other hand, as security measures become more ....

W. M. Hu. Reducing Timing Channels with Fuzzy Time. In Proceedings of the 1991 IEEE Symposium on Security and Privacy, pages 8--24. IEEE Computer Society Press, May 1991.

....then this limitation causes a performance penalty for the communication system. The Pump adds random noise to conventional communication methods to reduce the covert channel capacity. There have been other attempts to reduce timing channel capacity by introducing random noise to the system [CoMo91, Gra93, Hu91]. Our approach is different from the others in the sense that ours pays almost no performance penalty in the benign situation (i.e. there is no Trojan horse in the system) Our approach reduces timing channel capacity when Trojan horses attempt covert communication. 3.1 A Pump This process can ....

Hu, W. M. Reducing timing channels with fuzzy time. IEEE Symposium on Research in Security and Privacy (1991).

....traffic, then this limitation severely penalizes the performance of the communication system. The Pump adds random noise to conventional communication methods to reduce the covert channel capacity. There have been other attempts to reduce channel capacity by introducing random noise to the system [12, 13, 14, 9]. Our approach is different in the sense that ours pays almost no performance penalty in the benign situation (i.e. there is no Trojan horse in the system) When Trojan horses attempt covert communication our approach reduces potential timing channel capacity. Before describing the Pump in ....

W.M. Hu. "Reducing timing channels with fuzzy time," Proc. of the IEEE Symposium on Research in Security and Privacy, Oakland, CA, 1991.

....that could be potentially exploited. An implementation and performance analysis of the feedback control mechanism is explained in Section 9. Section 10 concludes the paper. 2 Related Work There have been several interesting approaches to analyzing and reducing the covert channel bandwidth [30, 11, 19, 9]. While some of these approaches could be used to specify policies to make it difficult to exploit the covert channels that may arise from the trade off, others may not be applicable in real time application. For example, a collection of techniques known as fuzzy time [30, 11] is inappropriate in ....

....bandwidth [30, 11, 19, 9] While some of these approaches could be used to specify policies to make it difficult to exploit the covert channels that may arise from the trade off, others may not be applicable in real time application. For example, a collection of techniques known as fuzzy time [30, 11] is inappropriate in a real time setting, since the overall mission may be jeopardized by not getting the exact timing information. In fact, this problem between real time and covert channel was identified in Secure Alpha work [10] They have pointed out that slowing clocks or isolating processes ....

W.-M. Hu, "Reducing Timing Channels with Fuzzy Time," Proc. IEEE Symp. Security and Privacy, IEEE Computer Soc. Press, 1991, pp. 8-20.

....read the system clock, making it possible to benchmark the user s machine. As a Javaenabled Web browser may well run on pre release hardware and or software, an attacker could learn valuable information. Timing information is also needed for the exploitation of covert timing channels. Fuzzy time [18] should be investigated to see if it can be used to mitigate both of these problems. 3.5. Implementation Errors Some bugs arise from fairly localized errors in the implementation of the browser or the Java subsystem. DNS Weaknesses A significant problem appears in the JDK and Netscape ....

W.-M. Hu. Reducing timing channels with fuzzy time. In Proceedings of the 1991 IEEE Symposium on Research in Security and Privacy, pages 8--20, 1991.

.... of the well known CPU scheduling channel [17, 25] as discussed in a mathematical sense by Huskamp [9, section 4] It is very important to understand noisy versions of this scenario because many researchers are currently investigating countermeasures to this scenario and its variants (e.g. [8, 7, 30, 10]) Note that McCullough s [20] half bit channels may be analyzed as timed Z channels. Our second scenario is quite different, dealing with a theoretical MLS computer network organized as a token ring topology. We show how a timed Z channel can be exploited as a covert channel in a specific ....

W. Hu. Reducing timing channels with fuzzy time. In Proceedings of the IEEE Symposium on Research in Security and Privacy, pages 8--20, Oakland, California, May 1991.

No context found.

Wei-Ming Hu. Reducing timing channels with fuzzy time. In IEEE Symposium on Research in Security and Privacy, May 1991.

No context found.

Wei-Ming Hu. Reducing timing channels with fuzzy time. In IEEE Symposium on Research in Security and Privacy, May 1991.

No context found.

Wei-Ming Hu. Reducing timing channels with fuzzy time. In SSP'91 [44], pages 8--20.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC