A covert channel is a communication channel that is not normally used in system communications and is therefore not protected by the system’s security mechanisms. This makes it a vulnerability that could be exploited to corrupt a system’s security policy. The two common types of covert channels are:
- Covert storage channels – these transfer data by modifying it on a resource, such as a hard disk drive, that is shared by two subjects at different security levels. For example, a program can transfer information to a less secure program by changing the amount or the patterns of free hard disk space, or by changing the characteristics of a file.
- Covert timing channels – these are channels in which one process signals information to another by manipulating one of its observable system resources in such a way that it affects the real response time observed by the second process. This usually manipulates a system clock or timing device. Information is then transferred through timing measurements such as the duration required to perform an operation, the amount of CPU time expended, or the time elapsed between two events.
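
One way a defender can look for the "time between two events" signalling described above is to test whether the gaps between events fall into two tight clusters instead of a natural spread. This is an added example, not part of the original page; the function names, thresholds and sample intervals are constructed assumptions, and it assumes a sender that signals with two distinct delays.

```python
from itertools import accumulate
from statistics import pvariance

def gaps(timestamps):
    """Inter-event intervals (seconds), rounded to 1 microsecond."""
    return [round(b - a, 6) for a, b in zip(timestamps, timestamps[1:])]

def two_mode_score(intervals):
    """Split sorted intervals at the widest jump; return
    (within-group variance / total variance, share of the smaller group).
    A score near 0 means the intervals sit in two tight clusters."""
    xs = sorted(intervals)
    if len(xs) < 8:
        return 1.0, 0.0          # too few events to judge
    total = pvariance(xs)
    if total == 0:
        return 1.0, 0.0          # perfectly regular: one mode, not two
    cut = max(range(1, len(xs)), key=lambda i: xs[i] - xs[i - 1])
    low, high = xs[:cut], xs[cut:]
    within = (len(low) * pvariance(low) + len(high) * pvariance(high)) / len(xs)
    return within / total, min(len(low), len(high)) / len(xs)

def looks_like_timing_channel(timestamps, max_score=0.05, min_minority=0.2):
    """Flag event streams whose gaps form two tight, well-populated modes.
    Thresholds are illustrative assumptions, not tuned values."""
    score, minority = two_mode_score(gaps(timestamps))
    return score <= max_score and minority >= min_minority

# Constructed sample data (seconds between events), not real captures.
TWO_DELAY_GAPS = [0.10, 0.31, 0.29, 0.11, 0.10, 0.30, 0.09, 0.31, 0.30, 0.10, 0.11, 0.29]
ORDINARY_GAPS = [0.05, 0.42, 0.18, 0.77, 0.26, 0.12, 0.61, 0.33, 0.09, 0.95, 0.21, 0.50]

def to_times(intervals, start=0.0):
    """Turn a list of intervals into absolute event times."""
    return list(accumulate(intervals, initial=start))

if __name__ == "__main__":
    for name, g in (("two-delay", TWO_DELAY_GAPS), ("ordinary", ORDINARY_GAPS)):
        t = to_times(g)
        print(name, two_mode_score(gaps(t)), looks_like_timing_channel(t))
```

Real event streams carry scheduling and network jitter, so a heuristic like this is a triage signal to be tuned against a baseline of normal activity, not a verdict.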