Bandwidth guidelines

The base system uses the following guidelines for the limitation of covert channels based on bandwidth:

More than 100 bits/second

These channels are not allowed to exist

0.1 to 100 bits/second

Channels in this range can exist when absolutely necessary, but their use is detected and audited whenever possible

Fewer than 0.1 bits/second

Channels in this range can exist where necessary but there is no special need to detect their use

It is highly recommended that all additional TCB programs follow these same guidelines. Furthermore, consider that even relatively slow channels of 10 bits per second can transmit 4,500 bytes per hour, which is a significant amount of data to be illegally downgraded. Therefore, every effort should be made to limit covert channels to as low a bandwidth as possible.

The bandwidth of most covert channels is usually lowered by activities of processes other than those processes that may be exploiting the channel. However, it is recommended this effect not be relied on to limit the bandwidth of covert channels, since there are periods of low activity on all systems.