Security analysis and performance evaluation are two fundamental activities in the system design process, which are usually carried out separately. Unfortunately, a purely qualitative analysis of the security requirements is not sufficient in the case of real systems, as they suffer from unavoidable information leaks that need to be quantified. In this paper we propose an integrated and tool-supported methodology encompassing both activities, thus providing insights about how to trade the quality of service delivered by a system with the bandwidth of its covert channels. The methodology is illustrated by assessing the effectiveness and the efficiency of the securing strategy implemented in the NRL Pump, a trusted device proposed to secure the replication of information from a low-security level enclave to a high-security level enclave.
An Integrated View of Security Analysis and Performance Evaluation: Trading QoS with Covert Channel Bandwidth
Aldini, Alessandro;Bernardo, Marco
2004
Abstract
Security analysis and performance evaluation are two fundamental activities in the system design process, which are usually carried out separately. Unfortunately, a purely qualitative analysis of the security requirements is not sufficient in the case of real systems, as they suffer from unavoidable information leaks that need to be quantified. In this paper we propose an integrated and tool-supported methodology encompassing both activities, thus providing insights about how to trade the quality of service delivered by a system with the bandwidth of its covert channels. The methodology is illustrated by assessing the effectiveness and the efficiency of the securing strategy implemented in the NRL Pump, a trusted device proposed to secure the replication of information from a low-security level enclave to a high-security level enclave.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
