Covert Channels
A covert storage channel transfers information through the setting of bits, encoded with information, by one program and the reception and reading of those bits by another program. It occurs when out-of-band data is stored in messages for the purpose of reuse. An example of a covert storage channel would be the use of a file designated strictly for holding audit information to transmit passwords; another is the use of a filename to indicate the contents of the file. A good example of a covert storage channel is the ICMP error message echoing functionality. Because of ambiguities in the ICMP RFC, many IP implementations use the packet memory as storage or for calculation. As a result, the ICMP error packets, which return parts of the received messages, may contain flaws or extra information. This information may provide hints and indications of the target operating system, and it can then be used to determine whether the system is vulnerable.
This covert storage channel can be mitigated during the implementation phase by ensuring that reserved fields are zeroed prior to message transmission. It is also essential to ensure that no unnecessary information is included.
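The zeroing mitigation described above, as an added example in C that is not taken from the cited sources. The message layout is a simplified model of an ICMP error reply, and the names err_reply, build_weak, build_zeroed, stray_bytes and demo are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ECHO_MAX 28 /* IP header (20) + first 8 bytes of the offending datagram */

/* Simplified error reply: type, code, checksum, 4 unused bytes, echoed data. */
struct err_reply {
    uint8_t type, code;
    uint16_t checksum;          /* left at 0; checksum calculation omitted */
    uint8_t reserved[4];
    uint8_t echo[ECHO_MAX];
};

/* Weak: fills only the fields it needs; stale buffer contents survive. */
void build_weak(struct err_reply *r, const uint8_t *orig, size_t n) {
    if (n > ECHO_MAX) n = ECHO_MAX;
    r->type = 3; r->code = 1; r->checksum = 0;
    memcpy(r->echo, orig, n);
}

/* Hardened: zero the whole message first, then fill it. */
void build_zeroed(struct err_reply *r, const uint8_t *orig, size_t n) {
    if (n > ECHO_MAX) n = ECHO_MAX;
    memset(r, 0, sizeof *r);
    r->type = 3; r->code = 1;
    memcpy(r->echo, orig, n);
}

/* Pre-send check: non-zero bytes in reserved[] and in echo[] past the n echoed. */
size_t stray_bytes(const struct err_reply *r, size_t n) {
    size_t i, count = 0;
    for (i = 0; i < sizeof r->reserved; i++) count += r->reserved[i] != 0;
    for (i = n; i < ECHO_MAX; i++)           count += r->echo[i] != 0;
    return count;
}

/* Constructed demo: the buffer held unrelated data (0xAA fill) before reuse. */
size_t demo(int hardened) {
    struct err_reply buf;
    const uint8_t orig[12] = {0x45, 0, 0, 0x1c, 1, 2, 3, 4, 5, 6, 7, 8};
    memset(&buf, 0xAA, sizeof buf);
    (hardened ? build_zeroed : build_weak)(&buf, orig, sizeof orig);
    return stray_bytes(&buf, sizeof orig);
}

int main(void) {
    printf("weak: %zu stray bytes, zeroed: %zu\n", demo(0), demo(1));
    return 0;
}
```

A check like stray_bytes can run in a unit test or as a debug assertion on the transmit path, so that a builder which forgets to clear the message is caught before release.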
A covert timing channel passes unauthorized data and information: one process signals information to another process by modulating its use of system resources, specifically central processing unit time. The system resource is modulated in such a way that real-time processing is altered, and the second process observes the alteration. This manipulation always alters the real response time observed by the second process.
The covert timing channel can be mitigated during design by specifying implementation strategies that eliminate time variances during operations. Furthermore, the vulnerability can be mitigated during implementation by artificially manipulating the time taken by operations and by withholding information from attackers.