Characterizing the Efficacy of the NRL Network Pump in Mitigating Covert Timing Channels
The Naval Research Laboratory (NRL) Network Pump, or Pump, is a standard for mitigating covert channels that arise in a MultiLevel Secure (MLS) system when a High User (HU) sends acknowledgements to a Low User (LU). The issue here is that HU can encode information in the "Timings" of the acknowledgements. The Pump aims at mitigating the covert timing channel by introducing buffering between HU and LU, as well as adding noise to the acknowledgment timings. The authors model the working of the Pump in certain situations, as a communication system with feedback and use then this perspective to derive an upper bound on the capacity of the covert channel between HU and LU in the Pump.