A Performance Analysis of Secure HTTP Protocol



Similar documents
LOAD BALANCING AS A STRATEGY LEARNING TASK

Module 12: Microsoft Windows 2000 Clustering. Contents Overview 1 Clustering Business Scenarios 2 Testing Tools 4 Lab Scenario 6 Review 8

Parallel Processing and Software Performance. Lukáš Marek

Delivering Quality in Software Performance and Scalability Testing

PERFORMANCE ANALYSIS OF WEB SERVERS Apache and Microsoft IIS

Load balancing as a strategy learning task

Online Remote Data Backup for iscsi-based Storage Systems

S y s t e m A r c h i t e c t u r e

MEASURING WORKLOAD PERFORMANCE IS THE INFRASTRUCTURE A PROBLEM?

Removing Performance Bottlenecks in Databases with Red Hat Enterprise Linux and Violin Memory Flash Storage Arrays. Red Hat Performance Engineering

Microsoft Windows Server 2003 with Internet Information Services (IIS) 6.0 vs. Linux Competitive Web Server Performance Comparison

Zeus Traffic Manager VA Performance on vsphere 4

Performance Evaluation of Distributed Web Server Architectures under E-Commerce Workloads 1

System Requirements for Microsoft Dynamics SL 2015

Cisco Application Networking for IBM WebSphere

Performance Characteristics of VMFS and RDM VMware ESX Server 3.0.1

( ) ( ) TECHNOLOGY BRIEF. XTNDConnect Server: Scalability SCALABILITY REFERS TO HOW WELL THE SYSTEM ADAPTS TO INCREASED DEMANDS AND A GREATER

Rackspace Cloud Databases and Container-based Virtualization

scalability OneBridge

pc resource monitoring and performance advisor

PERFORMANCE ANALYSIS OF KERNEL-BASED VIRTUAL MACHINE

State of Wisconsin DET File Transfer Protocol Service Offering Definition (FTP & SFTP)

Quantifying the Performance Degradation of IPv6 for TCP in Windows and Linux Networking

PLATO Learning Environment System and Configuration Requirements for workstations. October 27th, 2008

Comparison of Web Server Architectures: a Measurement Study

Terminal Server Software and Hardware Requirements. Terminal Server. Software and Hardware Requirements. Datacolor Match Pigment Datacolor Tools

SQL Server Business Intelligence on HP ProLiant DL785 Server

E-GOVERNANCE MISSION MODE PROJECT (MMP) CRIME & CRIMINAL TRACKING NETWORK & SYSTEMS (CCTNS) IMPLEMENTATION OF CCTNS IN GOA

Performance Modeling and Analysis of a Database Server with Write-Heavy Workload

IOS110. Virtualization 5/27/2014 1

System Requirements for Microsoft Dynamics SL 2015

SiteCelerate white paper

Virtualization Technologies and Blackboard: The Future of Blackboard Software on Multi-Core Technologies

AN EFFICIENT LOAD BALANCING ALGORITHM FOR A DISTRIBUTED COMPUTER SYSTEM. Dr. T.Ravichandran, B.E (ECE), M.E(CSE), Ph.D., MISTE.,

Check Point FireWall-1 HTTP Security Server performance tuning

A Comparative Study on Vega-HTTP & Popular Open-source Web-servers

Distributed applications monitoring at system and network level

MAGENTO HOSTING Progressive Server Performance Improvements

PLATO Learning Environment System and Configuration Requirements. for workstations. April 14, 2008

Cisco Application Networking for BEA WebLogic

PC Solutions That Mean Business

Web Servers Outline. Chris Chin, Gregory Seidman, Denise Tso. March 19, 2001

What is a SSL VPN and How Does it Work?

msuite5 & mdesign Installation Prerequisites

RSA SecurID Ready Implementation Guide

Riverbed Stingray Traffic Manager VA Performance on vsphere 4 WHITE PAPER

PLATO Learning Environment 2.0 System and Configuration Requirements. Dec 1, 2009

TCP Servers: Offloading TCP Processing in Internet Servers. Design, Implementation, and Performance

Performance Analysis of Secure Web Server Based on SSL

Testing & Assuring Mobile End User Experience Before Production. Neotys

The Association of System Performance Professionals

How to Build a Massively Scalable Next-Generation Firewall

Development of Software Dispatcher Based. for Heterogeneous. Cluster Based Web Systems

Purpose-Built Load Balancing The Advantages of Coyote Point Equalizer over Software-based Solutions

A STUDY OF WORKLOAD CHARACTERIZATION IN WEB BENCHMARKING TOOLS FOR WEB SERVER CLUSTERS

DEPLOYMENT OF I M INTOUCH (IIT) IN TYPICAL NETWORK ENVIRONMENTS. Single Computer running I m InTouch with a DSL or Cable Modem Internet Connection

DELL. Virtual Desktop Infrastructure Study END-TO-END COMPUTING. Dell Enterprise Solutions Engineering

DESIGN AND IMPLEMENTATION OF AN INTRANET SECURITY AND ACCESS CONTROL SYSTEM IN UBI-COM

Harden SSL/TLS v1.01. Windows hardening tool. Thierry ZOLLER.

Windows Server Performance Monitoring

A Method for Implementing, Simulating and Analyzing a Voice over Internet Protocol Network

Technical Research Paper. Performance tests with the Microsoft Internet Security and Acceleration (ISA) Server

Streaming and Virtual Hosted Desktop Study

Intel DPDK Boosts Server Appliance Performance White Paper

Thierry ZOLLER Principal Security Consultant

TPC-W * : Benchmarking An Ecommerce Solution By Wayne D. Smith, Intel Corporation Revision 1.2

Owner of the content within this article is Written by Marc Grote

Control 2004, University of Bath, UK, September 2004

White Paper ClearSCADA Architecture

Microsoft Exchange Server 2003 Deployment Considerations

Dell Virtualization Solution for Microsoft SQL Server 2012 using PowerEdge R820

ZEN LOAD BALANCER EE v3.04 DATASHEET The Load Balancing made easy

Web hosting. Web hosting

White Paper. Enhancing Website Security with Algorithm Agility

Internet Content Distribution

Load Testing on Web Application using Automated Testing Tool: Load Complete

Certificate-Based Single Sign-on Mechanism for Multi-Platform Distributed Systems

Lab Testing Summary Report

E-commerce. Web Servers Hardware and Software

Performance Evaluation of Distributed Web Server Architectures under E-Commerce Workloads

AppDirector Load balancing IBM Websphere and AppXcel

2. Research and Development on the Autonomic Operation. Control Infrastructure Technologies in the Cloud Computing Environment

NetScaler VPX FAQ. Table of Contents

Radware s AppDirector and AppXcel An Application Delivery solution for applications developed over BEA s Weblogic

Performance Oriented Management System for Reconfigurable Network Appliances

E-Commerce for IT Advanced. Louis Aguila & Matt Burt

A Proxy-Based Data Security Solution in Mobile Cloud

Report Paper: MatLab/Database Connectivity

Load Balancing for Microsoft Office Communication Server 2007 Release 2

Load Testing and Monitoring Web Applications in a Windows Environment

Analysis of Delivery of Web Contents for Kernel-mode and User-mode Web Servers

Eloquence Training What s new in Eloquence B.08.00

SAP WEB DISPATCHER Helps you to make decisions on Web Dispatcher implementation

Web Server Software Architectures

Proxy Server, Network Address Translator, Firewall. Proxy Server

Implementation Vulnerabilities in SSL/TLS

Understanding the Benefits of IBM SPSS Statistics Server

A Comparison of Software Architectures for E-Business Applications

Chapter 2 Addendum (More on Virtualization)

Performing Load Capacity Test for Web Applications

Transcription:

A Performance Analysis of Secure Protocol Xubin He, Member, IEEE Department of Electrical and Computer Engineering Tennessee Technological University Cookeville, TN 3855, U.S.A hexb@tntech.edu Abstract Data security plays an essential role in today s web service. Secure (S) is one of the popular protocols to transfer sensitive data over the Internet. This paper shows how the security affects performance compared to. Based on our preliminary measurements, the average response time ranges from.1 to 5 seconds, and from 6 to 8 seconds, for and S, respectively. Our experiments also show that the S overhead mainly comes from clients other than servers. 1 Introduction WITH the phenomenal growth of popularity of the Internet, security is more and more important to the E-commerce business[4]. For some sites such as finance and online payment system, it s more important than performance. Much research has been sparked to improve data security [3, 5, 8]. Some mechanisms are proposed to improve security of network attached storage systems. Freeman and Miller gave an architecture file system to guarantee user data security using end-to-end encryption[1]. A secure scheme to protect network-attached storage systems against different types of attacks using strong cryptography is proposed in [6]. [7, 9] is the most popular protocol to transfer document over the Internet and Secure (S) is a protocol to transfer sensitive data over SSL (Secure Socket Layer) [2]. To understand how and to what extent the security mechanism of S affects the performance, we have been performing extensive measurements on the web servers

environment. Our results show that S has different behaviors compared with and it costs more system resources on client side. 2 Preliminary Performance Analysis We configured a standard http web server and a S server which is powered by a Verisign trial ID. Under S, all contents are encrypted through SSL (Secure Socket Layer). The system configurations are described in table 1, and all machines are connected through a 1Mbps switch to form an isolated LAN. The benchmark tool we are using is Microsoft Web Capacity Analysis Tool (WCAT). WCAT runs simulated workloads on client-server configurations. WCAT measures how Internet Information Services and network configuration respond to a variety of different client requests for content, data, or html pages. The results of these tests can be used to determine the optimal server and network configuration. WCAT is specially designed to evaluate how Internet servers running Windows 2 (or Windows NT) and Internet Information Services respond to various client workload simulations. Table 1: Test Environments. Machine CPU Memory OS Server PIII 4 64MB NT 4 Server, SP 5 Controller PIII 8 256MB NT4 Server, SP5 Clients (49) P 166 64MB NT4 Workstation The server provides contents to the clients, and the controller collects the test data. The test suite we are using is Webstone, which is a standard benchmark and the size of the requested page ranges from 1k to 2k. Each client runs 2 threads simultaneously. We started our experiments with measurement of system performance for and S under Webstone workload. Figure 1 show shows the measurement results in terms of throughput (Figure 1a) and response time (Figure 1b) against number of clients. It can be seen from these figures that throughput get saturated under much faster that S. For, the server gets saturated at throughput being 6 connections/second with 5 clients. While for S, the throughput is steadily

increasing and gets saturated at 4 connections/second with over 45 clients. That s around 33% performance reduction compared to. The response times for (less than 5 seconds) are also significantly lower than that of S which ranges from 6 to 8 seconds. (a) System throughput (b) Response time s s connections/second 7 6 5 4 3 2 1 seconds 9 8 7 6 5 4 3 2 1 1 5 9 13172125293337414549 #clients #clients Figure 1: Webstone system throughput and response time To understand why S reduces system performance so dramatically, we measured the server processor time and internal server behavior such as context switches and system calls, as shown in Figure 2 and Figure 3, respectively. Figure 2 shows the CPU time. For, the server processor gets saturated very quickly, while for S, the server processor has much idle time before it is saturated with over 45 clients. This implies that some computation such as verification, SSL encryption is handled on the client side before a request is send to the server, which dramatically reduces the overall system performance. Figure 2b further shows that even the server is saturated, the total processor time spend on web server process are still less than 8% for both and S. Another 2% CPU time are used to operating system itself. Our further investigations on internal system counters such as context switch (Figure 3a) and system calls (Figure 3b) confirm the observation. For, with much more context switch and systems calls than S, the server provides much better system performance, that is, higher throughput and lower response time.

(a) CPU Utilization (b) web server process time s s 1 1 %Processor time 8 6 4 2 %Processor time 8 6 4 2 #Client Figure 2: CPU time (a) Context switch (b) System Calls sl s 7 2 context switch/second 6 5 4 3 2 1 sys calls/second 15 1 5 1 5 9 13172125293337414549 Figure 3: System behavior 3 Conclusions In this paper, we have studied the security cost of S under Webstone workloads. Compared to standard, S costs more system resources on clients. Some computation such as verification, SSL encryption is handled on the client side before a request is send to the server, so much more clients are needed to saturate the server than that of. Once the server is saturated, the system performance of S achieves around 67% of in terms of throughput.

References [1] W. Freeman and E. Miller, Design for a Decentralized Security System for Network Attached Storage, Proc of 17th IEEE Symposium on Mass Storage Systems, 2. [2] A. O. Freier, P. Karlton, and P. C. Kocher, The SSL Protocol Version 3., http://home.netscape.com/eng/ssl3/draft32.txt,1996. [3] A. Goldberg, R. Buff, and A. Schmitt, Secure Web Server Performance Dramatically Improved by Caching SSL Session Keys, Proc of Workshop on Internet Server Performance, 1998. [4] B. K. Haddon, Security in Storage Management: The Standards Question, Proc of 18th IEEE Symposium on Mass Storage Systems, 21. [5] J. Hughes, Storage Security, Proc of 19th IEEE Symposium on Mass Storage Systems, 22. [6] E. L. Miller, et al., Strong Security for Network-Attached Storage, Proc of Conference on File and Storage Technologies (FAST 2), 22. [7] J. C. Mogul, The case for persistent-connection, Proc of SIGCOMM Symposium on Communications Architectures and Protocols, Cambridge, MA, 1995. [8] E. Riedel, M. Kallahalla, and R. Swaminathan, A framework for evaluating storage system security, Proc of Conference on File and Storage Technologies (FAST 2), 22. [9] A. Rousskov and V. Soloviev, A Performance Study of the Squid Proxy on /1., World Wide Web, vol. 2, pp. 47-67, 1999.

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information