Algebraic information theory for binary channels

AbstractWe study the algebraic structure of the monoid of binary channels and show that it is dually isomorphic to the interval domain over the unit interval with the operation from Martin (2006) [4]. We show that the capacity of a binary channel is Scott continuous as a map on the interval domain and that its restriction to any maximally commutative submonoid of binary channels is an order isomorphism onto the unit interval. These results allows us to solve an important open problem in the analysis of covert channels: a provably correct method for injecting noise into a covert channel which will reduce its capacity to any level desired in such a way that the practitioner is free to insert the noise at any point in the system

Anthroposophic perspectives in primary care

A core challenge of contemporary medicine is to integrate the technological successes of biomedical science with a comprehensive under-standing of the physical, psychosocial, ecological, and spiritual dimensions of health and illness. Toward this end, bridges are being created between conventional medicine and alternative systems of healing which reflect a holistic model of the human being. Even when both conventional and complementary approaches are used side-by-side in the same patient, they remain separate in their basic assumptions and goals. Today\u27s mechanistic disease model is cut off from such notions as life-energy, consciousness, and spirituality, so integral to many alternative paradigms. Anthroposophically Extended Medicine (AEM) is a comprehensive healing system that successfully integrates biomedicine with a more complete understanding of human reality. Originating in Europe at the beginning of the 20th century, AEM has its roots in the Western, scientific worldview. By expanding this worldview, anthroposophy offers the clinician new possibilities for scientific investigation; it also creates bridges to the wisdom of older healing traditions of both East and West

A New Paradigm Hidden in Steganography

We discuss how steganography, in contrast to similar disciplines, requires a new paradigm based upon discontinuities and the absence of noise as a detection deterrent

3. RREPORT TYPE A-D- DATES COVERED

in e inniI,... a No. 04I, 8 a. gathering aid mesntasing the data needed. and completing and reviewing theiolection of information. ollecton Send commsentf'eqardlng of information including this burden suggestions estimate or for any reducing other aspect this burden. of this to Washington Headquanens Services. Davi

A Pump for Rapid, Reliable, Secure Communication

Communication from a low- to a high-level system without acknowledgements will be unreliable; with acknowledgements, it can be insecure. We propose to provide quanti able security, acceptable reliability, and minimal performance penalties by interposing a device (called the Pump) to push messages to the high system and provide a controlled stream of acknowledgements to the low system. This paper describes how the Pump supports the transmission of messages upward and limits the capacity of the covert timing channel in the acknowledgement stream without a ecting the average acknowledgement delay seen by the low system or the message delivery delay seen by the high system in the absence of actual Trojan horses. By adding random delays to the acknowledgment stream, we show how to further reduce the covert channel capacity even in the presence of cooperating Trojan horses in both the high and low systems. We also discuss engineering tradeo s relevant to practical use of the Pump

A classical automata approach to noninterference type problems

Using classical automata theory we show how noninterference can be viewed as a relatively simple phenomenon. We also give direction for future work concerning probabilistic security problems using classical automata theory.

Covert Channels - Here to Stay?

We discuss the difficulties of satisfying high-assurance system requirements without sacrificing system capabilities. To alleviate this problem, we show how trade-offs can be made to reduce the threat of covert channels. We also clarify certain concepts in the theory of covert channels. Traditionally, a covert channel's vulnerability was measured by the capacity. We show why a capacity analysis alone is not sufficient to evaluate the vulnerability and introduce a new metric referred to as the "small message criterion". 1 Introduction In this paper we discuss how covert channels arise in the area of high-assurance systems. We give an overview of covert channel theory, with examples, and advance our hypothesis that covert channels can never be totally eliminated in many "practical" highassurance systems. A high-assurance system should perform the intended tasks of reliability, security, and performance as efficiently as possible, conflicts between the requirements are inherent. The pap..

Discussion of a Statistical Channel

This paper deals with a new type of covert channel problem that arose when we designed a multilevel secure computer (MLS) system, using a quasi-secure, asynchronous, communication device called the Pump. We call this new type of covert channel a statistical channel. It is our hope to get feedback from experts who work in the intersection of information theory and statistics. I. Introduction In a (MLS) system, Low may write to High, and High can read from Low, but High must never be able to write to Low. However, in a MLS system, the need for an acknowledgement (ACK), which is a write from High to Low, to a message sent by Low to High can violate the multilevel security policy by creating a covert (communication) channel. Consider a case where Low sends messages to High. A simple approach that does not allow High to send an ACK to Low places a buffer between Low and High. Low submits messages to the buffer, the buffer sends the ACKs back to Low, and High then takes messages from the b..