March 7, 2023 Outline

Reading: text, §18.2–18.3.2
Assignments: Homework #4, due March 14

  1. Isolation: virtual machines

  2. Isolation: non-virtual containers
    1. Library operating systems
    2. Sandboxes

  3. Isolation: program modification
    1. Software fault isolation
    2. Compiling
    3. Loading

  4. Covert channels
    1. Storage vs. timing
    2. Noisy vs. noiseless
    3. Existence
    4. Bandwidth

  5. Covert channel detection
    1. Shared Resource Matrix Model
    2. Information flow analysis
    3. Covert flow trees

  6. Shared resource matrix methodology
    1. Identify shared resources, attributes
    2. Operations accessing those attributes
    3. Building the matrix
    4. Issues about the methodology

  7. Information flow analysis
    1. Direct, indirect flows

  8. Covert flow trees
    1. Goals, symbols
    2. Construction of covert flow trees
    3. Analysis
    4. Example

  9. Capacity
    1. When is bandwidth of covert channel?
    2. Analysis
    3. Measuring capacity

Matt Bishop
Office: 2209 Watershed Sciences
Phone: +1 (530) 752-8060
Email: mabishop@ucdavis.edu
ECS 235B, Foundations of Computer and Information Security
Version of March 10, 2023 at 1:37PM
