[cap-talk] Throwing down the gauntlet

Jed at Webstart donnelley1 at webstart.com
Thu Jan 12 15:37:59 EST 2006


At 02:53 PM 1/9/2006, John C. McCabe-Dansted wrote:
>On Tuesday 10 January 2006 08:00, David Wagner wrote:
> > John C. McCabe-Dansted writes:
> > >public:Bob knows that secret:Bob is able to receive at least x units of
> > > data per second, and will only transmit at this rate.
> >
> > I don't understand why anyone thinks that limiting the bandwidth of
> > covert channels is a very useful solution.
>
>Here I am talking about limiting the rate of *overt* communication. Since no
>back chat is allowed, secret:Bob cannot send flow control signals to
>public:Bob. Thus it is wise for public:Bob to limit its rate of transmission
>based on the published realtime constraints of any Bob object.

The above seems to assume that public:Bob wishes to limit the
communication from secret:Bob.  Isn't the situation we are concerned
about is where public:Bob wishes to maximize the communication
from secret:Bob?

I agree with David Wagner on this.  I don't see much value in limiting
the bandwidth of 'covert' channels.  If you can't eliminate them, what's
the point of the exercise?  I believe air gaps have proven pretty effective.
At least they allow one to focus on what is typically the real problem,
the people.  I believe all the MLS machinations within systems can help
somewhat to keep people/programs from making unintended mistakes
(as we did with our MLS system), but I think it would be quite unwise
to trust such systems with a direct connection to, say, the Internet.  If you
aren't going to get to that point, what value is there in pushing on things
like limiting the bandwidth of covert channels?

--Jed http://www.webstart.com/jed/ 



More information about the cap-talk mailing list