| 隐通道传递信息机理的研究 |
| |
| 引用本文: | 刘志锋,鞠时光,王昌达,周从华.隐通道传递信息机理的研究[J].计算机科学,2007,34(10):92-95. |
| |
| 作者姓名: | 刘志锋 鞠时光 王昌达 周从华 |
| |
| 作者单位: | 江苏大学计算机科学与通信工程学院,江苏镇江,212013 |
| |
| 摘 要: | 可信计算机系统中一些隐蔽数据流避开了安全机制的监控,造成信息的泄漏。本文通过对这种隐蔽流泄漏信息的机理进行分析和抽象,提出了一个通道元模型。将每一类通道元看成一个有限状态机,以Plotkin的结构化操作语义等为基础,计算出状态机的状态变化序列。通过对不满足隐通道定义的状态变迁序列的归纳,得到了抽象机中安全状态转移的约束条件,找出两个通道元通过共享客体泄露信息的工作机理,从而开发出一种基于操作语义的隐通道标识方法。对电梯调度算法模型进行实验,可有效地标识出存在的隐通道。
|
| 关 键 词: | 隐通道 信息安全 安全模型 |
On the Principle of Information Transfer in Covert Channel |
| |
| LIU Zhi-Feng,JU Shi-Guang,WANG Chang-Da,ZHOU Cong-Hua.On the Principle of Information Transfer in Covert Channel[J].Computer Science,2007,34(10):92-95. |
| |
| Authors: | LIU Zhi-Feng JU Shi-Guang WANG Chang-Da ZHOU Cong-Hua |
| |
| Affiliation: | School of Computer Science and Telecommunication Engineering, Jiangsu University,Jiangsu Zhenjiang 212013 |
| |
| Abstract: | Some covert information flow evades the inspection of security mechanism in trusted computer system, which results in information leakage. The atomic channel model was established by analyzing and abstracting the principle of covert information flow. A finite state machine was used to describe an atomic channel model. Based on the structured operational semantics proposed by Plotkin we can compute sequences of states. By reasoning on state sequences against the definition of covert channel, restriction conditions of secure state translation were gained, and the principle of information leakage in two atomic channel models sharing an object was found. Consequently a covert channel identification method based on operational semantics was proposed. The experiment on elevator dispatch algorithm showed that our method could search for covert channels efficiently. |
| |
| Keywords: | Covert channel Information security Security model |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
点击此处可从《计算机科学》下载全文 |
