The existence and usage of covert channels in systems of communicating agents pose a significant threat to the confidentiality of information. It is difficult to fully prevent the possibility of covert channels in a system without limiting the communication between its components or negatively affecting its behaviour. However, by developing an understanding of when a covert channel may exist in a given system and which agents are more prone to covert channels than others, approaches for mitigating covert channels can be developed that preserve overall system functionality and the communication between its components and with its environment. In this paper, we propose an approach for mitigating covert channels in systems of communicating agents based on an analysis of the potential for communication amongst system agents. First, we propose a mathematical framework for communication and concurrency called Communicating Concurrent Kleene Algebra (C2KA). We use C2KA to present a formulation of the potential for communication condition for covert channel existence. Then, we show how to use the proposed formulation and its mathematical background to analyse systems of communicating agents and to devise an approach for modifying the behaviours of agents in such a system so as to eliminate the potential for communication, thus eliminating the potential for a covert channel, while still preserving the overall system functionality. Using an illustrative example, we show how to specify a system of communicating agents using the mathematical framework of C2KA, and we demonstrate and discuss the proposed mitigation approach. We also report on the use of a prototype tool that supports the automated verification and analysis of the potential for communication condition for covert channel existence.