Overview
Read this article from a comprehensive knowledge base, updated and supplemented with articles reviewed by scientific committees.
Read the articleAUTHOR
-
Frédéric RAYNAL: Computer engineer and doctor - Editor-in-Chief of MISC, the IT security magazine
INTRODUCTION
The notion of "hidden channel" is very important in terms of security. A channel is a place through which information passes. A telephone line or a network protocol are classic examples of communication media. When it's hidden, it means that it runs counter to the normal operation expected in the channel environment. In Alexandre Dumas' "The Count of Monte Cristo", Edmond Dantès finds himself incarcerated in the Château d'If in solitary confinement. Hearing another prisoner digging, he in turn sets out to meet the unfortunate man. Edmond Dantès meets Abbé Faria, who will reveal his secret to him, enabling him to escape before becoming the Count of Monte Cristo. The success of this venture hinges on the secret link between the two men: a tunnel dug between their cells, which the jailers discover too late.
In this article, we explain the context and consequences of a hidden channel. In the first part, we explain what is meant by "information flow", a term that is central to understanding the issues surrounding covert channels. Containment and isolation are intuitively familiar concepts, but we clarify them in an IT context. We then show where to find hidden channels, and some possible attacks on information systems linked to the existence of these channels. Finally, we present a few examples of channels in the specific environment of a network.
Thanks
If I've blacked out these few pages, I'm actually not the only one responsible (or guilty, depending on the terminology), because I've had the help of several people who've sent me comments full of common sense: Yann Berthier, Matthieu Blanc, Nicolas Fischbach and Maryline Maknavicius-Laurent. Thank you all for your high standards and your comments.
Exclusive to subscribers. 97% yet to be discovered!
You do not have access to this resource.
Click here to request your free trial access!
Already subscribed? Log in!
The Ultimate Scientific and Technical Reference
This article is included in
Security of information systems
This offer includes:
Knowledge Base
Updated and enriched with articles validated by our scientific committees
Services
A set of exclusive tools to complement the resources
Practical Path
Operational and didactic, to guarantee the acquisition of transversal skills
Doc & Quiz
Interactive articles with quizzes, for constructive reading
Hidden channels
References
Exclusive to subscribers. 97% yet to be discovered!
You do not have access to this resource.
Click here to request your free trial access!
Already subscribed? Log in!
The Ultimate Scientific and Technical Reference