Covert channel

A covert channel is a means of communicating information that is not intended to be used for communication and is not controlled by security controls. Covert channels can be used to bypass security controls and transmit sensitive information without detection, and can pose a serious threat to the confidentiality and integrity of data.

There are many different types of covert channels, including:

Timing channels: These are covert channels that use the timing of events or actions to transmit information. For example, an attacker might use the timing of network packets to transmit information covertly.

Storage channels: These are covert channels that use storage areas, such as disk space or memory, to transmit information. For example, an attacker might use the free space on a hard drive to store encrypted data that can be retrieved later.

Resource utilization channels: These are covert channels that use the use of system resources, such as CPU time or network bandwidth, to transmit information. For example, an attacker might use the amount of CPU time consumed by a process to transmit information covertly.

Overall, covert channels are a serious threat to the confidentiality and integrity of data and can be used to bypass security controls and transmit sensitive information without detection. It is important for organizations to be aware of the potential for covert channels and to take appropriate measures to prevent their use.


Posted

in

by

Skip to content