
Chapter 17: Confinement Problem

Chapter 17: Confinement Problem. Dr. Wayne Summers Department of Computer Science Columbus State University Summers_wayne@colstate.edu http://csc.colstate.edu/summers. The Confinement Problem.


Presentation Transcript


  1. Chapter 17: Confinement Problem Dr. Wayne Summers Department of Computer Science Columbus State University Summers_wayne@colstate.edu http://csc.colstate.edu/summers

  2. The Confinement Problem
     • Confinement problem – preventing a server from leaking information that the user of the service considers confidential
     • Server must ensure that resources accessed on behalf of the client only include resources that client is authorized to access
     • Server must ensure that it does not reveal client’s data to any other unauthorized entity
     • Covert channel – path of communications not designed for communication
     • Rule of transitive confinement – if confined process invokes a second process, the second process must be as confined as the caller

  3. Isolation
     • Virtual machine – program that simulates the hardware of a computer system
     • Sandbox – environment in which the actions of the process are restricted according to a security policy

  4. Covert Channels
     • Covert storage channel uses an attribute of the shared resource
     • Covert timing channel uses a temporal or ordering relationship among accesses to a shared resource
     • Noiseless covert channel – covert channel that uses a resource available to only the sender and receiver
     • Noisy covert channel – covert channel that uses a resource available to subjects in addition to the sender and receiver

  5. Covert channels
     • Requirements of covert storage channel
       • Sending and receiving processes have access to the same attribute of a shared object
       • Sending process is able to modify the attribute of the shared object
       • Receiving process is able to reference the attribute of the shared object
       • Mechanism must exist for initiating both processes, and properly sequencing the respective accesses to the shared resource

  6. Covert channels
     • Requirements of covert timing channel
       • Sending and receiving processes have access to the same attribute of a shared object
       • Sending and receiving processes must have access to a time reference (e.g. clock, timer,…)
       • Sending process must be able to control the timing of the detection of a change in the attribute by the receiving process
       • Mechanism must exist for initiating both processes, and properly sequencing the respective accesses to the shared resource
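
The covert storage channel requirements on slide 5, together with the noiseless/noisy distinction on slide 4, can be applied as a review check over a table of who can modify and who can reference each shared attribute. The following is an added example, not part of the original presentation; the process names, attribute names and access table are constructed, and the fourth requirement (initiating and sequencing the two processes) is not modelled and is left to manual review.

```python
# Constructed access table (hypothetical names). For each attribute of a
# shared object: which processes can modify it, which can reference (read) it.
ACCESS = {
    "file.lock_flag": {
        "modify": {"confined_svc", "reader"},
        "reference": {"confined_svc", "reader", "logger"},
    },
    "disk.free_blocks": {
        "modify": {"confined_svc"},
        "reference": {"confined_svc", "reader", "logger"},
    },
    "svc.private_heap": {
        "modify": {"confined_svc"},
        "reference": {"confined_svc"},
    },
    "tmpdir.quota_used": {
        "modify": {"confined_svc"},
        "reference": {"reader"},
    },
}


def storage_channel_candidates(access, sender):
    """Map (attribute, receiver) -> 'noiseless' or 'noisy' for every attribute
    the confined `sender` could use to signal another process."""
    found = {}
    for attr, rights in access.items():
        # Requirement: the sending process can modify the attribute.
        if sender not in rights["modify"]:
            continue
        subjects = rights["modify"] | rights["reference"]
        # Requirement: the receiving process can reference the same attribute.
        for receiver in sorted(rights["reference"] - {sender}):
            # Noiseless if only sender and receiver have the resource available;
            # noisy if other subjects share it as well.
            others = subjects - {sender, receiver}
            found[(attr, receiver)] = "noisy" if others else "noiseless"
    return found


if __name__ == "__main__":
    for (attr, rcv), kind in storage_channel_candidates(ACCESS, "confined_svc").items():
        print(f"{attr:18} confined_svc -> {rcv:7} {kind}")
```

Each reported pair is a candidate only: it still has to satisfy the initiation and sequencing requirement before it counts as a usable channel.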
