We address the problem of computing the capacity of a covert channel, modeled as a nondeterministic transducer. We give three possible statements of the notion of “covert channel capacity” and relate the different definitions. We then provide several methods allowing the computation of lower and upper bounds for the capacity of a channel. We show that, in some cases, including the case of input-deterministic channels, the capacity of the channel can be computed exactly (e.g. in the form of “the largest root of some polynomial”).
Mots clés : covert channels, entropy, synchronous transducers
@article{ITA_2010__44_1_37_0, author = {Asarin, Eugene and Dima, C\u{a}t\u{a}lin}, title = {On the computation of covert channel capacity}, journal = {RAIRO - Theoretical Informatics and Applications - Informatique Th\'eorique et Applications}, pages = {37--58}, publisher = {EDP-Sciences}, volume = {44}, number = {1}, year = {2010}, doi = {10.1051/ita/2010004}, mrnumber = {2604934}, zbl = {1185.94035}, language = {en}, url = {http://www.numdam.org/articles/10.1051/ita/2010004/} }
TY - JOUR AU - Asarin, Eugene AU - Dima, Cătălin TI - On the computation of covert channel capacity JO - RAIRO - Theoretical Informatics and Applications - Informatique Théorique et Applications PY - 2010 SP - 37 EP - 58 VL - 44 IS - 1 PB - EDP-Sciences UR - http://www.numdam.org/articles/10.1051/ita/2010004/ DO - 10.1051/ita/2010004 LA - en ID - ITA_2010__44_1_37_0 ER -
%0 Journal Article %A Asarin, Eugene %A Dima, Cătălin %T On the computation of covert channel capacity %J RAIRO - Theoretical Informatics and Applications - Informatique Théorique et Applications %D 2010 %P 37-58 %V 44 %N 1 %I EDP-Sciences %U http://www.numdam.org/articles/10.1051/ita/2010004/ %R 10.1051/ita/2010004 %G en %F ITA_2010__44_1_37_0
Asarin, Eugene; Dima, Cătălin. On the computation of covert channel capacity. RAIRO - Theoretical Informatics and Applications - Informatique Théorique et Applications, Tome 44 (2010) no. 1, pp. 37-58. doi : 10.1051/ita/2010004. http://www.numdam.org/articles/10.1051/ita/2010004/
[1] Codage Symbolique. Masson (1993).
,[2] Determinization of transducers over finite and infinite words. Theoretical Computer Science 289 (2002) 225-251. | Zbl
and ,[3] Polynomial-time computation of the joint spectral radius for some sets of nonnegative matrices. SIAM Journal of Matrix Analysis and Applications 31 (2009) 865-876. | Zbl
and ,[4] Uniformization of rational relations, in Jewels are Forever, Contributions on Theoretical Computer Science in Honor of Arto Salomaa, edited by J. Karhumäki, H.A. Maurer, Gh. Paun and G. Rozenberg. Springer (1999) 59-71. | Zbl
and ,[5] Department of defense trusted computer system evaluation criteria. DOD 5200.28-STD, National Computer Security Center (December 1985).
[6] Synchronisation déterministe des automates à délai borné. Theoretical Computer Science 191 (1998) 61-77. | Zbl
and ,[7] The theory of matrices. AMS Chelsea Publishing (1959). | Zbl
,[8] Security policies and security models, in Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, USA (1982) 11-20.
and ,[9] Vl. Protasov and V. Blondel, Efficient algorithms for deciding the type of growth of products of integer matrices. Linear Algebra and its Applications 428 (2008) 2296-2311. | Zbl
,[10] An Introduction to Symbolic Dynamics and Coding. Cambridge University Press (1995). | Zbl
and ,[11] Quantifying information flow, in Proceedings of the 15th IEEE Computer Security Foundations Workshop (CSFW'02), IEEE Computer Society (2002) 18-31.
,[12] Finite-state noiseless covert channels, in Proceedings of the 2nd IEEE Computer Security Foundations Workshop (CSFW'89), IEEE Computer Society (1989) 81-86.
,[13] Joint spectral characteristics of matrices: a conic programming approach. http://www.inma.ucl.ac.be/~jungers/publis_dispo/conic.pdf (2009). | Zbl
, and ,[14] Languages, automata, and logic, in Handbook of Formal Languages, Vol. III. Springer Verlag (1997) 389-455.
,[15] On an extremal problem in graph theory. Matematicko Fizicki Lapok 48 (1941) 436-452 (in Hungarian). | JFM | Zbl
,[16] Information flow in nondeterministic systems, in IEEE Symposium on Security and Privacy (1990) 144-161.
and ,Cité par Sources :