Skip to Content
[CAIDA - Center for Applied Internet Data Analysis logo]
Center for Applied Internet Data Analysis
Measured interference of security mechanisms with network performance
H. Braun, k. claffy, and A. Gross, "Measured interference of security mechanisms with network performance", in International Networking Conference (INET), Jun 1995.
|   View full paper:    PDF    |  Citation:    BibTeX   |

Measured interference of security mechanisms with network performance

Hans-Werner Braun1
kc claffy1
Andrew Gross2
1

National Laboratory for Applied Network Research - NLANR, San Diego Supercomputer Center, University of California, San Diego

2

San Diego Supercomputer Center,
University of California, San Diego

We illustrate the measured interference of network security mechanisms with network performance. In particular, using encryption, such as that offered by Kerberos for interactive rlogin sessions, can have a significant adverse impact in situations where lower network layers (e.g., modems) try to perform compression to optimize transmission performance. Such interaction between network layers poses an acute problem for low-speed (e.g., dial-up) lines. Although it is no surprise that encryption precludes the ability to perform subsequent compression, it is worth examining its implication for the recent popularity of adding network security mechanisms to extant applications. The example we show is symbolic of a more general issue in distributed system engineering: if both security and performance are design goals, security cannot be an afterthought without expecting a significant loss in performance. We must thus design security as well as performance into the architecture, rather than on top of it.

Keywords: security
  Last Modified: Wed Oct-11-2017 17:03:44 PDT
  Page URL: http://www.caida.org/publications/papers/1995/mism/index.xml