research-article

Engineering SSL-based systems for enhancing system performance

Authors:

Shikharesh Majumdar,

Vineet SrivastavaAuthors Info & Claims

ICPE '11: Proceedings of the 2nd ACM/SPEC International Conference on Performance engineering

Pages 469 - 474

https://doi.org/10.1145/1958746.1958817

Published: 14 March 2011 Publication History

Abstract

Security in a distributed system often comes at the cost of a performance penalty. Due to the CPU time consuming security algorithms used, transferring data using SSL is known to be significantly slow. This paper presents an initial set of research results of a university-industry collaborative research focusing on a performance enhancement technique called security sieve that separates the classified and non-classified components in a document and sends these on a secure and a (faster) non-secure channel respectively. Experimental results presented in the paper demonstrate the effectiveness of the technique.

References

[1]

Almuhaideb, A.; Alhabeeb, M.; Le, P.D; Srinivasan, B., "Beyond Fixed Key Size: Classifications Toward a Balance Between Security and Performance," 24th IEEE International Conference on Advanced Information Networking and Applications, pp.1047--1053, 20-23 April 2010.

Digital Library

[2]

Argyroudis, P.G.; Verma, R.; Tewari, H.; O'Mahony, D., "Performance analysis of cryptographic protocols on handheld devices," Third IEEE International Symposium on Network Computing and Applications, 2004., pp. 169--174, 30 Aug.-1 Sept. 2004.

Digital Library

[3]

Berbecaru, D., "On Measuring SSL-based Secure Data Transfer with Handheld Devices," 2nd International Symposium on Wireless Communication Systems, 2005., pp.409--413, 7-7 Sept. 2005.

[4]

Chou, W., "Inside SSL: the secure sockets layer protocol," IT Professional, vol.4, no.4, pp. 47--52, Jul/Aug 2002.

Digital Library

[5]

Cicso Systems, Inc. "White Paper: Introduction to Secure Sockets Layer," 2002.

[6]

Eastlake, D.; Jones, P., US Secure Hash Algorithm (SHA1), IETF RFC 3174, September 2001; http://www.ietf.org/rfc/rfc3174.txt.

[7]

Kant, K.; Iyer, R.; Mohapatra, P., "Architectural impact of secure socket layer on Internet servers," International Conference on Computer Design, pp.7--14, 2000.

Digital Library

[8]

Lazowska, E. D.; Zahorjan, J.; Graham, G. S.; Sevcik, K. C. Quantitative System Performance, Prentice Hall, 1984.

Digital Library

[9]

Li, Z.; Iyer, R.; Makineni, S.; Bhuyan, L., "Anatomy and Performance of SSL Processing," International Symposium on Performance Analysis of Systems and Software, 2005., pp.197--206, 20-22 March 2005.

Digital Library

[10]

Oracle Corporation, "All about Sockets," {Online}. Available: http://download.oracle.com/javase/tutorial/networking/sockets/ {Accessed October 16, 2010}.

[11]

Oracle Corporation, "Java Secure Socket Extension: Reference Guide," {Online}. Available: http://download.oracle.com/javase/6/docs/technotes/guides/security/jsse/JSSERefGuide.html {Accessed Oct.16, 2010}.

[12]

Portmann, M.; Seneviratne, A., "Selective security for TLS," Networks, 2001. Ninth IEEE International Conference, pp. 216--221, 10-12 Oct. 2001.

Digital Library

[13]

Potlapally, N.R.; Ravi, S.; Raghunathan, A.; Lakshminarayana, G., "Optimizing public-key encryption for wireless clients," International Conference on Communications, 2002., vol.2, pp. 1050--1056.

[14]

Rivest, R. L.; Shamir, A. ; Adleman, L., "A method for obtaining digital signatures and public-key cryptosystems," Commun. ACM 21, 2 (February 1978), 120--126.

Digital Library

[15]

Song, Y.; Leung, V.; Beznosov, K., "Supporting End-to-end Security Across Proxies with Multiple Channel SSL," in IFIP 18th World Computer Conference (WCC'2004), Toulouse, France, 2004, pp. 32.

[16]

The SANS Technology Institute, "Security Laboratory: SSL/TLS," {Online}. Available: http://www.sans.edu /resources/securitylab/ssl_tts.php. {Accessed Jan. 7, 2011}

Cited By

Dong HSong LWang JYang J(2016)SSLSARD: A Request Distribution Technique for Distributed SSL Reverse ProxiesJournal of Communications10.12720/jcm.11.4.374-382Online publication date: 2016
https://doi.org/10.12720/jcm.11.4.374-382
Lim NMajumdar SSrivastava V(2012)Devising Secure Sockets Layer-based distributed systems: A performance-aware approach2012 IEEE 31st International Performance Computing and Communications Conference (IPCCC)10.1109/PCCC.2012.6407780(376-383)Online publication date: Dec-2012
https://doi.org/10.1109/PCCC.2012.6407780

Index Terms

Engineering SSL-based systems for enhancing system performance
1. Networks
  1. Network protocols
2. Software and its engineering
  1. Software organization and properties
    1. Contextual software domains
      1. Operating systems
        Communications management
        Message passing

Recommendations

Design and Implementation of Mobile Security Access System (MSAS) Based on SSL VPN
ETCS '09: Proceedings of the 2009 First International Workshop on Education Technology and Computer Science - Volume 03

With the rapid development of mobile networks technology and popularization of mobile device, people can access Internet by mobile device and wireless connection covering the entire mobile communication network (GSM/GPRS/CDMA/3G/802.11etc) at any ...
Performance analysis of elliptic curve cryptography for SSL
WiSE '02: Proceedings of the 1st ACM workshop on Wireless security

Elliptic Curve Cryptography (ECC) is emerging as an attractive public-key cryptosystem for mobile/wireless environments. Compared to traditional cryptosystems like RSA, ECC offers equivalent security with smaller key sizes, which results in faster ...
Ssl remote access vpns (network security)

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

ICPE '11: Proceedings of the 2nd ACM/SPEC International Conference on Performance engineering

March 2011

470 pages

ISBN:9781450305198

DOI:10.1145/1958746

General Chairs:
Samuel Kounev
Karlsruhe Institute of Technology, Germany
,
Vittorio Cortellessa
Università dell'Aquila, Italy
,
Program Chairs:
Raffaela Mirandola
Politecnico di Milano, Italy
,
David Lilja
University of Minnesota, USA
,
Kai Sachs
SAP AG

Copyright © 2011 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 14 March 2011

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

ICPE'11

Sponsor:

ICPE'11: Second Joint WOSP/SIPEW International Conference on Performance Engineering

March 14 - 16, 2011

Karlsruhe, Germany

Acceptance Rates

Overall Acceptance Rate 252 of 851 submissions, 30%

Upcoming Conference

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

2
Total Citations
View Citations
218
Total Downloads

Downloads (Last 12 months)3
Downloads (Last 6 weeks)1

Reflects downloads up to 05 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Dong HSong LWang JYang J(2016)SSLSARD: A Request Distribution Technique for Distributed SSL Reverse ProxiesJournal of Communications10.12720/jcm.11.4.374-382Online publication date: 2016
https://doi.org/10.12720/jcm.11.4.374-382
Lim NMajumdar SSrivastava V(2012)Devising Secure Sockets Layer-based distributed systems: A performance-aware approach2012 IEEE 31st International Performance Computing and Communications Conference (IPCCC)10.1109/PCCC.2012.6407780(376-383)Online publication date: Dec-2012
https://doi.org/10.1109/PCCC.2012.6407780

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten