What is Covert channel?

Understanding Covert channel

An information flow that is not controlled by a security control and has the opportunity of disclosing confidential information. A covert channel is an unauthorized communication path that can be used to secretly transfer information by circumventing normal security mechanisms. Covert channels can be categorized as storage or timing channels and often exploit shared system resources. Covert channels are addressed in high-security standards like Common Criteria and NIST SP 800-53 for sensitive environments. Organizations detect and mitigate covert channels through specialized monitoring, resource isolation, and timing normalization in highly secure environments. For example, a secure military system might implement strict resource isolation and timing normalization to prevent classified information from being exfiltrated through covert timing channels. Related terms: Side-channel attacks, Data exfiltration, Storage channel, Timing channel, Steganography, Multilevel security.