Jason Jaskolka

Exploring Covert Channels

Covert channels pose a threat to system security for many reasons. One of the most significant security concerns surrounding the use of covert channels in computer and information systems involves confidentiality and the ability to leak confidential information from a high level security user to a low level one covertly. There are many differing views surrounding the ideas of covert channels and steganography with debates igniting over the existence of a relationship between the two concepts. This debate can be resolved with a model to provide a perception of covert channel communication to yield a better understanding of covert channels. In this paper, we propose a model to perceive covert channel communication. We use the proposed model to explore the relationship between covert channels, steganography and watermarking. The intent is to provide a better understanding of covert channel communication in an attempt to develop investigative support for confidentiality.

Verification of Information Flow in Agent-Based Systems

Analyzing information flow is beneficial for ensuring the satisfiability of security policies during the exchange of information between the agents of a system. In the literature, models such as Bell-LaPadula model and the Chinese Wall model are proposed to capture and govern the exchange of information among agents. Also, we find several verification techniques for analyzing information flow within programs or multi-agent systems. However, these models and techniques assume the atomicity of the exchanged information, which means that the information cannot be decomposed or combined with other pieces of information. Also, the policies of their models prohibit any transfer of information from a high level agent to a low level agent. In this paper, we propose a technique that relaxes these assumptions. Indeed, the proposed technique allows classifying information into frames and articulating finer granularity policies that involve information, its elements, or its frames. Also, it allows for information manipulation through several operations such as focusing and combining information. Relaxing the atomicity of information assumption permits an analysis that takes into account the ability of an agent to link elements of information in order to evolve its knowledge.

On the Necessary Conditions for Covert Channel Existence: A State-of-the-Art Survey

Abstract With the ability to leak confidential information in a secret manner, covert channels pose a significant threat to the confidentiality of a system. Due to this threat, the identification of covert channel existence has become an important part of the evaluation of secure systems. In this paper, we present a state-of-the-art survey discussing the conditions for covert channel existence found in the literature and we point to their inadequacy. We also examine how conditions for covert channel existence are handled by information theory. We propose a set of necessary and verifiable conditions for covert channel existence in systems of communicating agents. We aim to provide an improved understanding of covert channel communication and to build a foundation for developing effective and efficient mechanisms for mitigating covert channels in systems of communicating agents at the early stages of software development

Endowing Concurrent Kleene Algebra with Communication Actions

Communication is integral to the understanding of agent interactions in concurrent systems. In this paper,we propose a mathematical framework for communication and concurrency called Communicating Concurrent Kleene Algebra (C2KA). C2KAextends concurrent Kleene algebra with the notion of communication actions. This extension captures both the influence of external stimuli on agent behaviour aswell as the communication and concurrency of communicating agents.

A formal test for detecting information leakage via covert channels

With the emergence of computers in every day activities and with the ever-growing complexity of networks and network communication protocols, covert channels are becoming an eminent threat to the confidentiality of information. We propose a technique to detect confidential information leakage via covert channels. The proposed technique is based on relational algebra. It provides tests to verify the existence of a leakage of information via a monitored covert channel. The technique also provides computations which show how the information was leaked if a leakage exists. Our focus is limited to protocol-based covert channels and instances where the users of covert channels modulate the information that is being sent; either by encryption, or some other form of encoding. We discuss possible applications of the proposed technique in digital forensics and cryptanalysis. We also report on a prototype tool that allows for the automation of the proposed technique.

A Formulation of the Potential for Communication Condition using C2KA.

An integral part of safeguarding systems of communicating agents from covert channel communication is having the ability to identify when a covert channel may exist in a given system and which agents are more prone to covert channels than others. In this paper, we propose a formulation of one of the necessary conditions for the existence of covert channels: the potential for communication condition. Then, we discuss when the potential for communication is preserved after the modification of system agents in a potential communication path. Our approach is based on the mathematical framework of Communicating Concurrent Kleene Algebra (C 2 KA). While existing approaches only consider the potential for communication via shared environments, the approach proposed in this paper also considers the potential for communication via external stimuli.

An aspect-oriented language for feature-modeling

When modeling families of ambient systems, we experience a number of special challenges due to unpredictable variability in the environments of the systems. One solution to deal with these challenges is to adapt aspect-oriented technology to product family modeling. In this paper, we propose a new language AO-PFA, which adapts the aspect-oriented paradigm to product families. This paradigm enhances the adaptability and evolvability of product families. The proposed language is an extension of the specification language product family algebra (PFA). We discuss the constructs of the proposed language as well as its usage to specify aspects.

Investigative Support for Information Confidentiality Part I: Detecting Confidential Information Leakage via Protocol-based Covert Channels

Abstract This is Part I in a two-part series discussing the development of investigative support for information confidentiality. In this paper, we propose a technique to detect confidential information leakage via protocol-based covert channels based on relation algebra. It provides tests to verify the existence of an information leakage via a monitored covert channel as well as computations which show how the information was leaked if a leakage exists. We also report on a prototype tool that allows for the automation of the proposed technique. Our focus is limited to protocol-based covert channels and instances where covert channel users modulate the sent information by some form of encoding such as encryption.

Mitigating covert channels based on analysis of the potential for communication

The existence and usage of covert channels in systems of communicating agents poses a significant threat to the confidentiality of information. It is difficult to fully prevent the possibility of covert channels in a system without limiting the communication between its components or negatively affecting its behaviour. However, by developing an understanding of when a covert channel may exist in a given system and which agents are more prone to covert channels than others, approaches for mitigating covert channels can be developed in such a way that they are able to preserve overall system functionality and the communication between its components and with its environment. In this paper, we propose an approach for mitigating covert channels in systems of communicating agents based on an analysis of the potential for communication amongst system agents. First, we propose a mathematical framework for communication and concurrency called Communicating Concurrent Kleene Algebra (C2KA). We use C2KA to present a formulation of the potential for communication condition for covert channel existence. Then, we show how to use the proposed formulation and its mathematical background to analyse systems of communicating agents in order to devise an approach for modifying the behaviours of agents in a system of communicating agents in order to eliminate the potential for communication, thus eliminating the potential for a covert channel, while still preserving the overall system functionality. Using an illustrative example, we show how to specify a system of communicating agents using the mathematical framework of C2KA and we demonstrate and discuss the proposed mitigation approach. We also report on the use of a prototype tool that supports the automated verification and analysis of the potential for communication condition for covert channel existence.

Verification of aspectual composition in feature-modeling

Crosscutting concerns are pervasive in embedded software and ambient systems due to the stringent non-functional requirements imposed on them. Maintaining families of these systems to address issues with the crosscutting concerns, such as security concerns, is recognised to be tedious and costly. To tackle the above problem, we adapt the aspect-oriented paradigm to feature-modeling. One of the most serious problems in aspect-oriented modeling is the potential of taking a valid model and spoiling its validity when weaving an aspect to it. We present a formal verification technique of aspectual composition in the context of feature-modeling that is based on product family algebra. We define a set of validity criteria for aspects with regard to their corresponding base specifications. The verification is done prior to the weaving of the aspects to their base specifications.