Skip to main content
SpringerLink
Log in

Finding Covert Channels in Protocols with Message Sequence Charts: The Case of RMTP2

  • Conference paper
System Analysis and Modeling (SAM 2004)

Part of the book series: Lecture Notes in Computer Science ((LNCCN,volume 3319))

Included in the following conference series:

  • 393 Accesses

Abstract

Covert channels are illegal information flows in systems. Recent research has shown how to detect covert channels in scenario descriptions. This paper recalls these results, and proposes a case study illustrating how scenarios can be used to detect illegal information flows from a scenario description of a protocol. Once a covert information flow is discovered, its bandwidth is computed using the (max, +) algebra.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Andrews, G., Reitmans, R.: An axiomatic approach to information flows in programs. ACM transactions on Programming Languages and Systems 2, 56–76 (1980)

    Article  MATH  Google Scholar 

  2. Bell, D., La Padula, J.: Secure computer systems: mathematical foundations. Mitre technical report 2547, MITRE, Vol. I (1973)

    Google Scholar 

  3. Bell, D., La Padula, J.: Secure computer systems: a mathematical model. MITRE technical report 2547, MITRE, Vol. II (1973)

    Google Scholar 

  4. Criteria, C.: Common criteria for information technology security evaluation part 3: Security assurance requirements. Technical Report CCIMB-99-033, CCIMB (1999)

    Google Scholar 

  5. Goguen, J., Meseguer, J.: Security policies and security models. In: Press, I.C.S. (ed.) Proc. of IEEE Symposium on Security and Privacy, pp. 11–20 (1982)

    Google Scholar 

  6. Hélouét, L.: Distributed system requirements modeling with message sequence charts: the case of the rmtp2 protocol. Information and Software Technology 45, 701–714 (2003)

    Article  Google Scholar 

  7. Hélouét, L., Zeitoun, M., Jard, C.: Covert channels detection in protocols using scenarios. In: Proc. of SPV 2003 Security Protocols Verification (2003)

    Google Scholar 

  8. ITU-T: Recommendation Z.120 (11/99), Message Sequence Charts (MSC). International Telecommunication Union, Geneva

    Google Scholar 

  9. Katoen, J.-P., Lambert, L.: Pomsets for message sequence charts. In: Proceedings of SAM 1998: 1st conference on SDL and MSC, Berlin, pp. 281–290 (1998)

    Google Scholar 

  10. Kemmerer, R.: Shared ressources matrix methodology: an approach to indentifying storage and timing channels. ACM Transactions on Computer Systems 1, 256–277 (1983)

    Article  Google Scholar 

  11. Lampson, B.: A note on the confinement problem. Communication of the ACM 16, 613–615 (1973)

    Article  Google Scholar 

  12. Le Maigat, P., Hélouét, L.: A (max,+) approach for time in message sequence charts. In: 5th Workshop on Discrete Event Systems, WODES 2000 (2000)

    Google Scholar 

  13. Le Maigat, P.: Techniques algébriques Max-Plus pour l’analyse des performances temporelles de systèmes concurrents. PhD thesis, Université de Rennes 1 (2002)

    Google Scholar 

  14. Lipner, S.: A comment on the confinement problem. In: Proceedings of the Fifth Symposium on Operating systems Principles (1975)

    Google Scholar 

  15. Lowe, G.: Quantifying information flow. In: Proceedings of the 7th European Symposium on Research in Computer Security(ESORICS) (2002)

    Google Scholar 

  16. Montgomery, T., Whetten, B., Basavaiah, M., Paul, S., Rastogi, N., Conlan, J., Yeh, T.: The RMTP2 protocol. IETF draft, Internet Engineering Task Force (1998)

    Google Scholar 

  17. NSA/NCSC: A guide to understanding covert channel analysis of trusted systems. Technical report, NSA/NCSC (1993)

    Google Scholar 

  18. Reniers, M.: Message Sequence Charts: Syntax and Semantics. PhD thesis, Eindhoven University of Technology (1998)

    Google Scholar 

  19. Reniers, M., Mauw, S.: High-level message sequence charts. In: Cavalli, A., Sarma, A. (eds.) SDL 1997: Time for Testing - SDL, MSC and Trends. Proc. of the 8th SDL Forum, Evry, France, pp. 291–306 (1997)

    Google Scholar 

  20. Sabelfeld, A., Myers, A.: Language-based information-flow security. IEEE Journal on selected areas in communications 21 (2003)

    Google Scholar 

  21. Volpano, D., Smith, G.: Eliminating covert flows with minimum typings. In: Proc. 10th IEEE Computer Security Foundations Workshop, pp. 156–168 (1997)

    Google Scholar 

  22. Whetten, B., Paul, S., Taskale, G.: RMTP-II overview. Talarian white paper, Talarian Corporation (1999)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. IRISA, Campus de Beaulieu, 35042 Cedex, Rennes, France

    Loic Hélouët

Authors
  1. Loic Hélouët
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. SITE, University of Ottawa, 800 King Edward, K1N 6N5, Ottawa, ON, Canada

    Daniel Amyot

  2. University of Ottawa, 800 King Edward, K1N 6N5, Ottawa, Ontario, Canada

    Alan W. Williams

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Hélouët, L. (2005). Finding Covert Channels in Protocols with Message Sequence Charts: The Case of RMTP2. In: Amyot, D., Williams, A.W. (eds) System Analysis and Modeling. SAM 2004. Lecture Notes in Computer Science, vol 3319. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-31810-1_13

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-31810-1_13

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-24561-2

  • Online ISBN: 978-3-540-31810-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation