Runtime Security Adaptation Using Adaptive SSL

Author

Lamprecht, Christiaan J. ; van Moorsel, A.P.A.

Author_Institution

Sch. of Comput. Sci., Univ. of Newcastle upon Tyne, Newcastle upon Tyne, UK

fYear

2008

fDate

15-17 Dec. 2008

Firstpage

305

Lastpage

312

Abstract

Self-adaptive security offers great potential in providing timely and fine grained security control. In this paper we experimentally investigate the effects of a security adaptation in various client-server scenarios. We do this using SSL/TLS and show how client load patterns determine the overall performance effect of a security adaptation. We also demonstrate the viability of such a system using adaptive SSL. Experiments and analysis show that client arrival rate is not sufficient for making an adaptation decision. The average requested file size and the client session duration play key roles in the performance effect of such an adaptation. Adaptation with file sizes larger than 8192 bytes and small session durations result in greater performance impact when the server is under heavy load.

Keywords

client-server systems; fault tolerant computing; security of data; SSL/TLS; client-server scenario; runtime security self-adaptation; secure socket layer; transport layer security; Adaptive control; Adaptive systems; Communication system security; Costs; Data security; File servers; Programmable control; Protocols; Quality of service; Runtime; SSL/TLS; Self-adaptation; automation; performance; security; trade-off;

fLanguage

English

Publisher

ieee

Conference_Titel

Dependable Computing, 2008. PRDC '08. 14th IEEE Pacific Rim International Symposium on

Conference_Location

Taipei

Print_ISBN

978-0-7695-3448-0

Electronic_ISBN

978-0-7695-3448-0

Type

conf

DOI

10.1109/PRDC.2008.27

Filename

4725310