[cap-talk] Throwing down the gauntlet
Jed at Webstart
donnelley1 at webstart.com
Thu Jan 12 15:37:59 EST 2006
At 02:53 PM 1/9/2006, John C. McCabe-Dansted wrote:
>On Tuesday 10 January 2006 08:00, David Wagner wrote:
> > John C. McCabe-Dansted writes:
> > >public:Bob knows that secret:Bob is able to receive at least x units of
> > > data per second, and will only transmit at this rate.
> > I don't understand why anyone thinks that limiting the bandwidth of
> > covert channels is a very useful solution.
>Here I am talking about limiting the rate of *overt* communication. Since no
>back chat is allowed, secret:Bob cannot send flow control signals to
>public:Bob. Thus it is wise for public:Bob to limit its rate of transmission
>based on the published realtime constraints of any Bob object.
The above seems to assume that public:Bob wishes to limit the
communication from secret:Bob. Isn't the situation we are concerned
about is where public:Bob wishes to maximize the communication
I agree with David Wagner on this. I don't see much value in limiting
the bandwidth of 'covert' channels. If you can't eliminate them, what's
the point of the exercise? I believe air gaps have proven pretty effective.
At least they allow one to focus on what is typically the real problem,
the people. I believe all the MLS machinations within systems can help
somewhat to keep people/programs from making unintended mistakes
(as we did with our MLS system), but I think it would be quite unwise
to trust such systems with a direct connection to, say, the Internet. If you
aren't going to get to that point, what value is there in pushing on things
like limiting the bandwidth of covert channels?
More information about the cap-talk