I'm wrapping my head around Mandatory Access Control (MAC) and the well-known Bell-LaPadula model. One limitation that is mentioned with this model is covert channel exploitation. The one example I have learned is regarding Database Object Size:
- High clearance subject adds or removes data
- Low clearance subject checks pattern of size changes.
- Bandwidth of covert channel could be increased by using multiple objects
However, I neither understand the benefit of this example to a malicious user, or just how it is carried out. I do understand how covert channels work in general though, but do not understand why it is particularly highlighted as a pitfall of this MAC method - perhaps, as opposed to the Biba model?
My question then, requires an explanation of how covert channels are exploited in a database using the Bell-LaPadula model - with perhaps an explanation of the related example or the explanation of a better example.