翻訳と辞書 |
Covert channel : ウィキペディア英語版 | Covert channel In computer security, a covert channel is a type of computer security attack that creates a capability to transfer information objects between processes that are not supposed to be allowed to communicate by the computer security policy. The term, originated in 1973 by Lampson is defined as "(channels) not intended for information transfer at all, such as the service program's effect on system load." to distinguish it from ''Legitimate'' channels that are subjected to access controls by COMPUSEC.〔Lampson, B.W., ''A Note on the Confinement Problem.'' Communications of the ACM, Oct.1973.16(10):p. 613-615. ()〕 ==Characteristics== A covert channel is so called because it is hidden from the access control mechanisms of ultra-high-assurance secure operating systems since it does not use the legitimate data transfer mechanisms of the computer system such as read and write, and therefore cannot be detected or controlled by the hardware based security mechanisms that underlie ultra-high-assurance secure operating systems. Covert channels are exceedingly hard to install in real systems, and can often be detected by monitoring system performance; in addition, they suffer from a low signal-to-noise ratio and low data rates (on the order of a few bits per second). They can also be removed manually with a high degree of assurance from secure systems by well established covert channel analysis strategies. Covert channels are distinct from, and often confused with, legitimate channel exploitations that attack low-assurance pseudo-secure systems using schemes such as ''steganography'' or even less sophisticated schemes to disguise prohibited objects inside of legitimate information objects. The legitimate channel misuse by steganography is specifically not a form of covert channel . Covert channels can tunnel through secure operating systems and require special measures to control. Covert channel analysis is the only proven way to control covert channels. By contrast, secure operating systems can easily prevent misuse of legitimate channels. Distinguishing these is important. Analysis of legitimate channels for hidden objects is often misrepresented as the only successful countermeasure for legitimate channel misuse. Because this amounts to analysis of large amounts of software, it was shown as early as 1972 to be impractical.〔(Computer Security Technology Planning Study ) (James P. Anderson, 1972)〕 Without being informed of this, some are misled to believe an analysis will "manage the risk" of these legitimate channels.
抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)』 ■ウィキペディアで「Covert channel」の詳細全文を読む
スポンサード リンク
翻訳と辞書 : 翻訳のためのインターネットリソース |
Copyright(C) kotoba.ne.jp 1997-2016. All Rights Reserved.
|
|