1. By : Nimish Agarwal

2.  … are those which are neither designed nor intended to transfer information at all.  … are based on "transmission by storage into variables that describe resource states”.  … are those channels that are a result of resource allocation policies and resource management implementation.  … are those that "use entities not normally viewed as data objects to transfer information from one subject to another.".

3.  Storage and Timing Channels.  Storage Channel :- Include all mediums that allow the direct or indirect writing of a storage location by one process and the direct or indirect reading of it by another.  Timing channels :- Include all mediums that would allow one process to signal information to another process by modulating its own use of system resources in such a way that the change in response time observed by the second process would provide information.

4.  Noisy and Noiseless Channels.  Noiseless covert channel uses shared resource available to sender, receiver only  Noisy covert channel uses shared resource available to sender, receive, and others  Need to minimize interference enough so that message can be read in spite of others’ use of channel

5.  Shared Resource Matrix (SRM)  Identify all resources that may be read or modified by processes of various classes and put them in form of matirx.  Take transitive closure.  Look for information flow in violation of policy.  Verify flow for real.

6.  Information Flow Method  Determine data and control flow within the program.  Determine which outputs are affected by which inputs.  Note : Difficult in the face of pointers, and recursion.

7.  S teganography means Steganos (Covered or Protected) + graphein (to write).  Steganography includes the concealment of information within computer files

10. CryptographySteganography Protecting contents of the messageConcealing the existence of message Encryption can be easily identifiedEmbedding may not be so easy to identify ConfidentialityIntegrityUn removability EncryptionYesNoYes Digital SignatureNoYesNo SteganographyYes / No Yes

11.  Network  Wireless :- Corrupted Headers  Modifying Existing Traffic  Images, Audio and Video Steganograms  Encryption  Canary trap and Digital Water Marking  Canary Trap :- Method of exposing Information Leak, which involves giving different version of sensitive documents to several suspects and seeing which version gets leaked.

12.  National Computer Security Center. A guide to understanding Covert Channel Analysis of Trusted System. http://www.fas.org/irp/nsa/rainbow/tg030.htmhttp://www.fas.org/irp/nsa/rainbow/tg030.htm  Steganography And Digital Watermarking http://www.cs.bham.ac.uk/~mdr/teaching/ modules03/security/students/SS5/Steganography.pdf http://www.cs.bham.ac.uk/~mdr/teaching/ modules03/security/students/SS5/Steganography.pdf  Steganography. http://en.wikipedia.org/wiki/Steganography http://en.wikipedia.org/wiki/Steganography  Canary Trap :- http://en.wikipedia.org/wiki/Canary_traphttp://en.wikipedia.org/wiki/Canary_trap  A Discussion of Covert Channels and Steganography :- http://gray- world.net/cn/papers/adiscussionofcc.pdfhttp://gray- world.net/cn/papers/adiscussionofcc.pdf