Study on Detection of Covert Channel in Flume System  (Cited by: 1)


Authors: 曹珲[1,2] 熊胜超[1] 张焕国[1,2] 严飞[1,2]

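Affiliations: [1] School of Computer, Wuhan University, Wuhan 430072; [2] Key Laboratory of Aerospace Information Security and Trusted Computing, Ministry of Education (Wuhan University), Wuhan 430072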

Source: Journal of Computer Research and Development (《计算机研究与发展》), 2013, No. 11, pp. 2367-2374 (8 pages)

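Funding: National Natural Science Foundation of China (91018008; 61003268; 61103220; 91118003); Natural Science Foundation of Hubei Province (2010CDB08601); Fundamental Research Funds for the Central Universities (3101038)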

Abstract: The Flume system not only provides security guarantees for information transfer between processes at different security levels, but also uses an explicit label mechanism to solve the covert channel problem that arises in implicit-label systems when inter-process communication connections time out. However, some unreasonable label allocation mechanisms in the system may still cause information to leak during transfer. To address this problem, a covert channel detection model (CCDM) is proposed, which abstracts the covert channel search problem as a directed graph connectivity problem. Finally, drawing on the idea of backtracking, the IniaPathSearch and QuickPathSearch algorithms are proposed to search for covert channels automatically. Experimental results show that the IniaPathSearch and QuickPathSearch algorithms can correctly and effectively detect covert channels in the Flume system and can provide the legitimate shortest path for information transfer; the results can be used to guide improvements to system security.

Abstract (original English version): The Flume system can not only provide security protection for processes in different security levels that transmit information, but also use an explicit label mechanism to solve the problem of covert channels caused by timeouts when processes transmit information. This problem cannot be solved by other DIFC-based security systems that use an implicit label mechanism. But the label allocation mechanism of the system may also cause information leakage through a special covert channel when processes transmit information in the Flume system. In this paper, a covert channel detection model (CCDM) is introduced by analyzing the reason for information leakage in the Flume system. CCDM abstracts the problem of covert channel searching as a problem of directed graph linking. Two algorithms that can automatically search for covert channels in the Flume system are presented, based on CCDM and the idea of the backtracking algorithm. The experimental results show that CCDM and the proposed algorithms can not only effectively detect covert channels in the Flume system, but also provide the shortest path for processes to transmit information. Thus, the experimental results can provide some guidance for improving system security.

Keywords: Flume system; covert channel; covert channel detection model; directed graph; security

Classification number: TP309 [Automation and Computer Technology: Computer System Architecture]

 
