[cap-talk] Throwing down the gauntlet
Jed at Webstart
donnelley1 at webstart.com
Thu Jan 12 15:37:59 EST 2006
At 02:53 PM 1/9/2006, John C. McCabe-Dansted wrote:
>On Tuesday 10 January 2006 08:00, David Wagner wrote:
> > John C. McCabe-Dansted writes:
> > >public:Bob knows that secret:Bob is able to receive at least x units of
> > > data per second, and will only transmit at this rate.
> >
> > I don't understand why anyone thinks that limiting the bandwidth of
> > covert channels is a very useful solution.
>
>Here I am talking about limiting the rate of *overt* communication. Since no
>back chat is allowed, secret:Bob cannot send flow control signals to
>public:Bob. Thus it is wise for public:Bob to limit its rate of transmission
>based on the published realtime constraints of any Bob object.

The above seems to assume that public:Bob wishes to limit the
communication from secret:Bob. Isn't the situation we are concerned
about the one where public:Bob wishes to maximize the communication
from secret:Bob?

I agree with David Wagner on this. I don't see much value in limiting
the bandwidth of 'covert' channels. If you can't eliminate them, what's
the point of the exercise? I believe air gaps have proven pretty effective.
At least they allow one to focus on what is typically the real problem,
the people. I believe all the MLS machinations within systems can help
somewhat to keep people/programs from making unintended mistakes
(as we did with our MLS system), but I think it would be quite unwise
to trust such systems with a direct connection to, say, the Internet. If you
aren't going to get to that point, what value is there in pushing on things
like limiting the bandwidth of covert channels?
--Jed http://www.webstart.com/jed/