Skip to Content
[CAIDA - Center for Applied Internet Data Analysis logo]
Center for Applied Internet Data Analysis > publications : bib : networking : entries : claffy95measured.xml
Bibliography Details
k. claffy, A Gross, and H.-W. Braun, "Measured interference of security mechanisms with network performance", in International Networking Conference (INET) '95, Jun 1995.
Measured interference of security mechanisms with network performance
Authors: k. claffy
A Gross
H.-W. Braun
Published: International Networking Conference (INET), 1995
Entry Date: 2004-02-06

We illustrate the measured interference of network security mechanisms with network performance. In particular, using encryption, such as that offered by Kerberos for interactive rlogin sessions, can have a significant adverse impact in situations where lower network layers (e.g., modems) try to perform compression to optimize transmission performance. Such interaction between network layers poses an acute problem for low-speed (e.g., dial-up) lines. Although it is no surprise that encryption precludes the ability to perform subsequent compression, it is worth examining its implication for the recent popularity of adding network security mechanisms to extant applications. The example we show is symbolic of a more general issue in distributed system engineering: if both security and performance are design goals, security cannot be an afterthought without expecting a significant loss in performance. We must thus design security as well as performance into the architecture, rather than on top of it.

  Last Modified: Thu Oct-19-2017 14:15:33 PDT
  Page URL: