A covert channel is a communication pathway that transfers information in ways the system was not designed to allow, bypassing security policies by using resources in unintended ways. A covert storage channel manipulates the contents or existence of a storage object. A covert timing channel communicates through the timing of operations observable from outside the security boundary.
Covert channels are particularly concerning in high-security environments requiring strict separation between classification levels. A process at a lower classification level might extract information by observing the timing behavior of a higher-classified process.
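The storage-channel case described above, as an added example that is not part of the original page: a toy in-process model in which the access check denies read-up, yet the existence of an object in a shared namespace still tells a lower-level subject one bit per round, while giving each level its own namespace closes that particular channel. The `Monitor` class, the `flag` object name, the status strings and the sample bits are all assumptions constructed for illustration.

```python
# Toy model constructed for illustration; not a real OS or library API.
LOW, HIGH = 0, 1

class Monitor:
    """Labelled objects with a no-read-up check."""
    def __init__(self, partitioned):
        self.partitioned = partitioned  # True: one namespace per level
        self.objects = {}               # key -> (level, data)

    def _key(self, level, name):
        # Shared namespace: the name alone identifies the object.
        return (level, name) if self.partitioned else name

    def create(self, level, name, data=b""):
        key = self._key(level, name)
        if key in self.objects:
            return "EEXIST"  # in a shared namespace this reveals existence
        self.objects[key] = (level, data)
        return "OK"

    def delete(self, level, name):
        key = self._key(level, name)
        if key in self.objects and self.objects[key][0] == level:
            del self.objects[key]

    def read(self, level, name):
        obj = self.objects.get(self._key(level, name))
        if obj is None:
            return "ENOENT"
        return obj[1] if obj[0] <= level else "DENIED"

def low_view(monitor, high_bits):
    """What a LOW subject infers from create() status codes alone."""
    seen = []
    for bit in high_bits:
        if bit:
            monitor.create(HIGH, "flag")   # HIGH-side state depends on the bit
        seen.append(1 if monitor.create(LOW, "flag") == "EEXIST" else 0)
        monitor.delete(LOW, "flag")
        monitor.delete(HIGH, "flag")
    return seen

if __name__ == "__main__":
    bits = [1, 0, 1, 1, 0]                 # constructed sample data
    print("shared namespace:     ", low_view(Monitor(False), bits))
    print("partitioned namespace:", low_view(Monitor(True), bits))
```

The read check never fails in either run; the difference is only whether a status code visible at the lower level depends on state held at the higher level.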
CISSP Relevance
Covert channels appear in Domain 3 (Security Architecture and Engineering) within trusted system design and security models. CISSP candidates must understand covert channel types, how they bypass security controls, and why completely eliminating them is theoretically impossible.
External reference: NIST Glossary Covert Channel
Related terms: Mandatory Access Control, Security Architecture