A storage channel is a covert computing channel in which one process writes to a storage location on the computer or network while another process reads the information at that location. As a covert channel, a storage channel has the ability to transfer data between objects that would otherwise be segregated by the security restrictions in the computer's operating system. This provides an additional level of programming flexibility, but when used unscrupulously, covert channels can undermine security on a system.
Picture a storage channel as a bit like two children passing notes back and forth during class. According to the rules set out by the operating system — the "teacher" of the class — the children are not supposed to be talking. By slipping information to one another outside the view of the operating system, they establish an otherwise impermissible line of communication.
A storage channel is a two-way connection. While one process is writing information to the hard drive or another storage location on the computer, a second process is accessing and reading the information off the same storage device. This constant back-and-forth passing of information offers programmers another method of exchanging data on a computer. It also provides a medium for attacking a system, though, if programmers are dishonest.
As the computer's operating system has no knowledge of the information being passed across a storage channel, it is entirely possible for a hacker to slip out personal or sensitive data across this type of channel. A hacker could also manipulate data within the system the same way. Thus, in theory, someone undermining a system in this way could make off with the financial records of an organization while leaving incorrect "dummy" information in their place.
Since it is a type of covert channel, the possibility of storage channel data transfer cannot be completely eliminated. However, secure operating systems can monitor the potential activity on storage channels by utilizing pattern recognition tools to see whether unusual activity on the system might be information moving along storage channels. Think of this like listening as two people in different cells communicate by knocking on walls; if only one or two knocks are heard over a long period of time, chances are good that it was a random act. However, if knocking on the walls is heard both regularly and rhythmically, chances are good that information is being exchanged.
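The "knocking on walls" test above can be written as a small detector. The following is an added sketch, not part of the original article: it flags storage locations that one process writes at a steady rhythm while a different process reads them. The event format, paths, process names and thresholds are constructed assumptions.

```python
from collections import defaultdict
from statistics import mean, pstdev

def build_sample_events():
    """Constructed audit records: (time_s, process, operation, path)."""
    events = []
    for i in range(10):  # one write roughly every 2 s, read back by another process
        jitter = 0.05 if i % 2 else 0.0
        events.append((2.0 * i + jitter, "proc_a", "write", "/tmp/state.lock"))
        events.append((2.0 * i + 1.0, "proc_b", "read", "/tmp/state.lock"))
    for t in (0.4, 0.9, 7.3, 8.1, 19.6, 20.2, 33.0, 47.5, 48.0, 61.2):
        events.append((t, "app", "write", "/var/log/app.log"))  # irregular writes
    events.append((62.0, "logship", "read", "/var/log/app.log"))
    events.append((5.0, "job", "write", "/tmp/cache"))  # only two writes in total
    events.append((50.0, "job", "write", "/tmp/cache"))
    events.append((51.0, "web", "read", "/tmp/cache"))
    return sorted(events)

def find_rhythmic_channels(events, min_writes=8, max_cv=0.2):
    """Return {path: cv} for paths written rhythmically and read by another process."""
    writes = defaultdict(list)
    writers, readers = defaultdict(set), defaultdict(set)
    for t, proc, op, path in events:
        if op == "write":
            writes[path].append(t)
            writers[path].add(proc)
        elif op == "read":
            readers[path].add(proc)
    flagged = {}
    for path, times in writes.items():
        # Skip a few isolated "knocks", or a location nobody else is reading.
        if len(times) < min_writes or not (readers[path] - writers[path]):
            continue
        times.sort()
        gaps = [b - a for a, b in zip(times, times[1:])]
        avg = mean(gaps)
        # Coefficient of variation: spread of the gaps relative to their mean.
        cv = pstdev(gaps) / avg if avg > 0 else float("inf")
        if cv <= max_cv:  # steady gaps between writes suggest signalling
            flagged[path] = round(cv, 3)
    return flagged

if __name__ == "__main__":
    for path, cv in find_rhythmic_channels(build_sample_events()).items():
        print(f"possible storage channel: {path} (interval CV {cv})")
```

A flagged path is a lead for review rather than proof of a channel, since scheduled jobs and heartbeats also write at regular intervals.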