Characteristics
A covert channel is so called because it is hidden from the access control mechanisms of ultra-high-assurance secure operating systems since it does not use the legitimate data transfer mechanisms of the computer system such as read and write, and therefore cannot be detected or controlled by the hardware based security mechanisms that underlie ultra-high-assurance secure operating systems. Covert channels are exceedingly hard to install in real systems, and can often be detected by monitoring system performance; in addition, they suffer from a low signal-to-noise ratio and low data rates (on the order of a few bits per second). They can also be removed manually with a high degree of assurance from secure systems by well established covert channel analysis strategies.
Covert channels are distinct from, and often confused with, legitimate channel exploitations that attack low-assurance pseudo-secure systems using schemes such as steganography or even less sophisticated schemes to disguise prohibited objects inside of legitimate information objects. This legitimate channel misuse by data hiding schemes is specifically not covert channels and can be prevented by ultra-high-assurance secure OSs.
Covert channels can tunnel through secure operating systems and require special measures to control. Covert channel analysis is the only proven way to control covert channels. By contrast, secure operating systems can easily prevent misuse of legitimate channels. Distinguishing these is important. Analysis of legitimate channels for hidden objects is often misrepresented as the only successful countermeasure for legitimate channel misuse. Because this amounts to analysis of large amounts of software, it was shown as early as 1972 to be unsuccessful. Without being informed of this, some are misled to believe an analysis will "manage the risk" of these legitimate channels.
Read more about this topic: Covert Channel