Advanced Search

Browse by Discipline

Scientific Societies

E-print Alerts

Add E-prints

E-print Network

  Advanced Search  

An Integrated View of Security Analysis and Performance Evaluation

Summary: An Integrated View of
Security Analysis and Performance Evaluation:
Trading QoS with Covert Channel Bandwidth
Alessandro Aldini and Marco Bernardo
Universita di Urbino \Carlo Bo"
Istituto di Scienze e Tecnologie dell'Informazione
Piazza della Repubblica 13, 61029 Urbino, Italy
faldini, bernardog@sti.uniurb.it
Abstract. Security analysis and performance evaluation are two funda-
mental activities in the system design process, which are usually carried
out separately. Unfortunately, a purely qualitative analysis of the secu-
rity requirements is not su∆cient in the case of real systems, as they
su er from unavoidable information leaks that need to be quanti ed. In
this paper we propose an integrated and tool-supported methodology en-
compassing both activities, thus providing insights about how to trade
the quality of service delivered by a system with the bandwidth of its
covert channels. The methodology is illustrated by assessing the e ective-
ness and the e∆ciency of the securing strategy implemented in the NRL
Pump, a trusted device proposed to secure the replication of information
from a low-security level enclave to a high-security level enclave.


Source: Aldini, Alessandro - Dipartimento di Matematica, Fisica e Informatica, Universitaí di Urbino "Carlo Bo"


Collections: Computer Technologies and Information Sciences