1. Technical Field
The present invention relates to storage systems in a network environment and, in particular, to protecting highly sensitive information in a storage area network.
2. Description of Related Art
A client/server environment is an architecture in which a user's device, such as a computer, is a requesting machine and a server is the supplying machine. Both devices may be connected via a network, such as a local area network (LAN) or wide area network (WAN). An example of a client/server environment is the Internet, which includes a worldwide collection of networks and gateways that use the Transmission Control Protocol/Internet Protocol (TCP/IP) suite of protocols to communicate with one another. At the heart of the Internet is a backbone of high-speed data communication lines between major nodes or host computers, consisting of thousands of commercial, government, educational and other computer systems that route data and messages.
A Storage Area Network (SAN) is a network of storage disks. In large enterprises, a SAN connects multiple servers to a centralized pool of disk storage. Compared to managing hundreds of servers, each with its own disks, SANs improve system administration by treating all the company's storage as a single resource.
With the advent of Storage Area Networks and the ability to connect multiple machines to the same storage, new problems arise concerning the security of information. Multiple levels of sharing storage are possible in Storage Area Networks. A lower level device may write, read, and manage a file system and another device at a higher level (or the same level, but more restricted) may be only able to read the information. Using this configuration, a method of “raising” the information to a higher level is possible. Security systems are used to ensure that a user or device at a higher level is not able to leak sensitive information to a user or device at a lower level.
A covert channel is a transfer of information that violates a computer's built-in security systems. A covert storage channel refers to depositing information in a memory or storage location that can be accessed by different security clearances. A covert timing channel is the manipulation of a system resource in such a way that it can be detected by another process.
For example, a device may set a flag that is otherwise unused to signal an event, such as a corporate buy-out, to a lower level user or device, such as a stockholder. This is an example of a covert channel. A device may also perform an access request periodically to signal an event. For example, a user of a device may perform a read of a given data block once a second for a minute to leak the occurrence of an event, such as a military air strike. This example illustrates a covert timing channel. Covert channels may even be used to leak information using Morse code, such as, for example, by toggling a bit or flag in such a way as to communicate a message.
A lower level device may also perform traffic analysis to deduce highly sensitive information. An analysis of what files a higher level device accesses may be a significant threat to sensitive information.
Covert channels are difficult to detect or prevent. This poses a problem for owners of highly sensitive information. Therefore, it would be advantageous to provide an improved mechanism for preventing, detecting, and auditing covert channels.