wesommer@athena.mit.edu (William Sommerfeld) (01/04/90)
As I understood the definition, covert channels can only exist in the presence of nondiscretionary access controls. I could be wrong about that, though. Multilevel secure operating systems are supposed to be able to prevent classified data, which a trojan horse has access to, from being leaked to a process running at a lower security level. You don't need to be able to get at the register *contents*; instead, assuming a sufficiently accurate clock, you can notice that a register-to-register operation which should have taken 100ns actually took 5us because it trapped and was restarted. The sender would spin in a loop which either accessed a register or didn't for each bit.. The reciever would get the time (presumably to microsecond or greater accuracy), access some of these registers, and get the time again, and depending on *how long* the access to these registers took, could get a "1" or a "0" bit. With a bit more sophistication, you could get roughly one bit per register per timeslice. -- Henry Spencer is so much of a | Bill Sommerfeld at MIT/Project Athena minimalist that I often forget | sommerfeld@mit.edu he's there - anonymous |