Towards a library of composable models to estimate the performance of security solutions

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

Towards a library of composable models to estimate the performance of security solutions

Full text

Pdf (728 KB)

Source

Workshop on Software and Performance archive
Proceedings of the 7th international workshop on Software and performance table of contents

Princeton, NJ, USA

SESSION: Modeling from component libraries table of contents

Pages 145-156

Year of Publication: 2008

ISBN:978-1-59593-873-2

Authors

Vittorio Cortellessa	Università dell'Aquila, Coppito, Italy
Catia Trubiani	Università dell'Aquila, Coppito, Italy

Sponsors

SIGSOFT: ACM Special Interest Group on Software Engineering
SIGMETRICS: ACM Special Interest Group on Measurement and Evaluation
ACM: Association for Computing Machinery

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): n/a, Downloads (12 Months): n/a, Citation Count: 0

Additional Information:

abstract references index terms collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/1383559.1383579 What is a DOI?

ABSTRACT

Complex distributed dependable systems, such as web-based applications that contain sensitive data and are exposed to many users, have to meet different, and sometimes conflicting, non functional requirements, such as security and performance requirements. A typical example of this trade-off is the performance degradation introduced in a system by the raising of security solutions. Several proposals have been made to estimate the performance of security methodologies, but they are often grounded to existing standards such as IPsec and SSL.

In this paper we tackle the problem from a model-based viewpoint: we introduce basic performance models for security mechanisms, which can be considered as building bricks to compose in order to model security services. To this goal, we introduce rules that drive the composition. Security service models can then be integrated with functional models of critical applications to estimate the performance of the adopted security solutions. We represent models as Generalized Stochastic Petri Nets (GSPNs).

This is a first step towards a Security Library containing composable performance models of security mechanisms and services and representing an instrument to support designers in decisions related to the security vs performance trade-off. We show how to use our models on an example of banking system.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	D. Kartson , G. Balbo , S. Donatelli , G. Franceschinis , Giuseppe Conte, Modelling with Generalized Stochastic Petri Nets, John Wiley & Sons, Inc., New York, NY, 1994
	2	D. Berbecaru, "On Measuring SSL-based Secure Data Transfer with Handheld Devices",Proc. of 2nd International Symposium on Wireless Communication Systems, September 2005.
	3	Trust management for IPsec, ACM Transactions on Information and System Security (TISSEC), v.5 n.2, p.95-118, May 2002 [doi>10.1145/505586.505587]
	4	Hassan Gomaa, Designing Concurrent, Distributed, and Real-Time Applications with Uml, Addison-Wesley Longman Publishing Co., Inc., Boston, MA, 2000
	5	E. Gomez-Martinez, J. Merseguer, "ArgoSPE: Model-Based Software Performance Engineering", Proc. of ICATPN 2006, LNCS 4024, pages 401--410, 2006.
	6	Vipul Gupta , Sumit Gupta , Sheueling Chang , Douglas Stebila, Performance analysis of elliptic curve cryptography for SSL, Proceedings of the 1st ACM workshop on Wireless security, p.87-94, September 28-28, 2002, Atlanta, GA, USA [doi>10.1145/570681.570691]
	7	Alan Harbitter , Daniel A. Menascé, A methodology for analyzing the performance of authentication protocols, ACM Transactions on Information and System Security (TISSEC), v.5 n.4, p.458-491, November 2002 [doi>10.1145/581271.581275]
	8	Christophe Hirel , Robin A. Sahner , Xinyu Zang , Kishor S. Trivedi, Reliability and Performability Modeling Using SHARPE 2000, Proceedings of the 11th International Conference on Computer Performance Evaluation: Modelling Techniques and Tools, p.345-349, March 27-31, 2000
	9	Architectural Impact of Secure Socket Layer on Internet Servers, Proceedings of the 2000 IEEE International Conference on Computer Design: VLSI in Computers & Processors, p.7, September 17-20, 2000
	10	James F. Kurose , Keith W. Ross, Computer Networking: A Top-Down Approach Featuring the Internet, Pearson Benjamin Cummings, 2004
	11	Juan Pablo López-Grao , José Merseguer , Javier Campos, From UML activity diagrams to Stochastic Petri nets: application to software performance engineering, Proceedings of the 4th international workshop on Software and performance, January 14-16, 2004, Redwood Shores, California
	12	A. Nadeem, M. Y. Javed, "A Performance Comparison of Data Encryption Algorithms", Proc. of First International Conference on Information and Communication Technologies, August 2005.
	13	D. C. Petriu , C. M. Woodside , D. B. Petriu , J. Xu , T. Israr , Geri Georg , Robert France , James M. Bieman , Siv Hilde Houmb , Jan Jürjens, Performance analysis of security aspects in UML models, Proceedings of the 6th international workshop on Software and performance, February 05-08, 2007, Buenes Aires, Argentina [doi>10.1145/1216993.1217010]
	14	William Stallings, Cryptography and Network Security: Principles and Practice, Pearson Education, 2002
	15	Douglas Stinson, Cryptography: Theory and Practice,Second Edition, CRC/C&H, 2002
	16	K. Trivedi, "Sharpe Interface, User's Manual, Version 1.01", August 1999. http://www.ee.duke.edu/~chirel/MANUAL/gui.doc