| (I) An intra-system channel that permits two cooperating entities,
without exceeding their access authorizations, to transfer
information in a way that violates the system's security policy.
(See: channel, out of band.)
(O) "A communications channel that allows two cooperating
processes to transfer information in a manner that violates the
system's security policy." [NCS04]
(C) The cooperating entities can be either two insiders or an
insider and an outsider. Of course, an outsider has no access
authorization at all. A covert channel is a system feature that
the system architects neither designed nor intended for
information transfer:
- "Timing channel": A system feature that enables one system
entity to signal information to another by modulating its own
use of a system resource in such a way as to affect system
response time observed by the second entity.
- "Storage channel": A system feature that enables one system
entity to signal information to another entity by directly or
indirectly writing a storage location that is later directly or
indirectly read by the second entity.
|
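The "directly or indirectly" wording in the storage-channel definition can be checked mechanically. The following is an added example, not part of the glossary text: a simplified shared-resource-matrix style analysis that lists storage locations one entity can modify and another can later observe. The toy system, its operation names and its attribute names are all constructed assumptions.

```python
# Added example: simplified shared-resource-matrix style analysis.
# All operation and attribute names below are constructed for illustration.
from itertools import product

# For each operation: attributes it references (R) and modifies (M).
OPS = {
    "write_own_file": {"R": set(), "M": {"blocks_used"}},
    "quota_daemon": {"R": {"blocks_used"}, "M": {"quota_exceeded"}},
    "create_file": {"R": {"quota_exceeded"}, "M": {"dir_entries"}},
    "read_own_file": {"R": {"own_data"}, "M": set()},
    "lock_file": {"R": {"lock_flag"}, "M": {"lock_flag"}},
}
SENDER_OPS = ["write_own_file", "lock_file"]       # allowed to the first entity
RECEIVER_OPS = ["create_file", "read_own_file", "lock_file"]  # allowed to the second

def influence_closure(ops):
    """Map each attribute to every attribute whose value can depend on it."""
    attrs = set().union(*(o["R"] | o["M"] for o in ops.values()))
    reach = {a: {a} for a in attrs}
    changed = True
    while changed:  # fixed point: follow read-then-modify dependencies
        changed = False
        for o in ops.values():
            for a in attrs:
                if reach[a] & o["R"] and not o["M"] <= reach[a]:
                    reach[a] |= o["M"]
                    changed = True
    return reach

def candidate_channels(ops, sender_ops, receiver_ops):
    """Return (sender_op, written_attr, observed_attr, receiver_op) tuples."""
    reach = influence_closure(ops)
    found = set()
    for s, r in product(sender_ops, receiver_ops):
        for written in ops[s]["M"]:
            for observed in reach[written] & ops[r]["R"]:
                found.add((s, written, observed, r))
    return sorted(found)

if __name__ == "__main__":
    for s, w, o, r in candidate_channels(OPS, SENDER_OPS, RECEIVER_OPS):
        kind = "direct" if w == o else "indirect"
        print(f"{kind}: {s} modifies {w}; {r} observes {o}")
```

Each tuple is only a candidate: an analyst still has to decide whether the policy permits that flow and, if not, whether to remove, restrict or audit the shared attribute.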