DocumentCode :
1304074
Title :
Cost-Performance Optimization of SSL-Based Secure Distributed Infrastructures
Author :
Bregni, S. ; Giacomazzi, P. ; Poli, A.
Author_Institution :
Politec. di Milano, Milan, Italy
Volume :
9
Issue :
4
fYear :
2011
fDate :
7/1/2011 12:00:00 AM
Firstpage :
550
Lastpage :
556
Abstract :
Business-to-Business and Business-to-Customer transactions in Internet require secure communication, especially for web applications. The Secure Socket Layer (SSL) protocol is one of the most viable solutions to provide the required level of confidentiality, message integrity and endpoint authentication. The two main alternatives for providing SSL security are the end-to-end and the accelerated solutions, which enable different cost-performance tradeoffs, where performance is intended as the overall delay that the customer experiences to complete the transaction. The accelerated solution is enabled by special devices (SSL acceleration cards) placed in network nodes. In this paper, we propose an optimization algorithm, which designs the ICT infrastructure minimizing the total cost, given a target performance objective defined as the end-to-end delay for the completion of the distributed application tasks. We apply this method to evaluate the efficiency of SSL acceleration versus end-to-end SSL, in order to determine in what conditions SSL acceleration is convenient. Our algorithm performs joint optimization of computing and communication resources, whilst in literature hard-ware and network are typically optimized separately.
Keywords :
Internet; electronic commerce; message authentication; protocols; ICT infrastructure; Internet; SSL acceleration card; SSL protocol; SSL security; SSL-based secure distributed infrastructure; Web application; business-to-business transaction; business-to-customer transaction; communication resource; confidentiality level; cost-performance optimization; end-to-end SSL; end-to-end delay; endpoint authentication; message integrity; network node; optimization algorithm; secure communication; secure socket layer; Acceleration; Benchmark testing; Hardware; Internet; Optimization; Random access memory; Security; Communication system security; information systems; information technology; optimization methods;
fLanguage :
English
Journal_Title :
Latin America Transactions, IEEE (Revista IEEE America Latina)
Publisher :
ieee
ISSN :
1548-0992
Type :
jour
DOI :
10.1109/TLA.2011.5993742
Filename :
5993742
Link To Document :
بازگشت