A Case Study on Covert Channel Establishment via Software Caches in High-Assurance Computing Systems

08/21/2015
by   Wolfgang Schmidt, et al.
0

Covert channels can be utilized to secretly deliver information from high privileged processes to low privileged processes in the context of a high-assurance computing system. In this case study, we investigate the possibility of covert channel establishment via software caches in the context of a framework for component-based operating systems. While component-based operating systems offer security through the encapsulation of system service processes, complete isolation of these processes is not reasonably feasible. This limitation is practically demonstrated with our concept of a specific covert timing channel based on file system caching. The stability of the covert channel is evaluated and a methodology to disrupt the covert channel transmission is presented. While these kinds of attacks are not limited to high-assurance computing systems, our study practically demonstrates that even security-focused computing systems with a minimal trusted computing base are vulnerable for such kinds of attacks and careful design decisions are necessary for secure operating system architectures.

READ FULL TEXT

page 1

page 2

page 3

page 4

research
09/11/2020

HECTOR-V: A Heterogeneous CPU Architecture for a Secure RISC-V Execution Environment

To ensure secure and trustworthy execution of applications, vendors freq...
research
06/05/2018

ScheduLeak: A Novel Scheduler Side-Channel Attack Against Real-Time Autonomous Control Systems

Real-time autonomous control systems are often the core of safety critic...
research
10/08/2018

Interface-Based Side Channel Attack Against Intel SGX

Intel has introduced a trusted computing technology, Intel Software Guar...
research
03/05/2014

A Taxonomy for Attack Patterns on Information Flows in Component-Based Operating Systems

We present a taxonomy and an algebra for attack patterns on component-ba...
research
04/01/2012

Windows And Linux Operating Systems From A Security Perspective

Operating systems are vital system software that, without them, humans w...
research
02/19/2022

Multi-Channel FFT Architectures Designed via Folding and Interleaving

Computing the FFT of a single channel is well understood in the literatu...
research
01/30/2023

Typing of data transfer processes in the information system within the framework of threat modeling

Work is aimed at automating the process of obtaining a list of security ...

Please sign up or login with your details

Forgot password? Click here to reset