Performance Considerations in Web Security

This paper discusses techniques for improving Web performance and how they are affected by security. While security is an essential component for many Web applications, it can negatively affect performance. Encryption results in significant overhead. A scalable Web site deploying SSL has special load balancing requirements in order to allow efficient use of the protocol. We discuss how fragment-based creation of Web content can allow partial caching of pages containing encrypted content. We also discuss performance issues related to security checks on mobile code.

[1]  염흥렬,et al.  [서평]「Applied Cryptography」 , 1997 .

[2]  Duke Jd How much does it really cost , 1973 .

[3]  George C. Necula,et al.  Safe kernel extensions without run-time checking , 1996, OSDI '96.

[4]  Ronald Mraz Secure Blue: an architecture for a scalable, reliable high volume SSL Internet server , 2001, Seventeenth Annual Computer Security Applications Conference.

[5]  Daniel M. Dias,et al.  A scalable and highly available web server , 1996, COMPCON '96. Technologies for the Information Superhighway Digest of Papers.

[6]  Simson L. Garfinkel,et al.  Web Security, Privacy and Commerce , 2001 .

[7]  Robert R. Moeller,et al.  Network Security , 1993, Inf. Secur. J. A Glob. Perspect..

[8]  Thomas P. Brisco DNS Support for Load Balancing , 1995, RFC.

[9]  Andrew A. Chien,et al.  Breaking the barriers: high performance security for high performance computing , 2002, NSPW '02.

[10]  Anees Shaikh,et al.  On the effectiveness of DNS-based server selection , 2001, Proceedings IEEE INFOCOM 2001. Conference on Computer Communications. Twentieth Annual Joint Conference of the IEEE Computer and Communications Society (Cat. No.01CH37213).

[11]  Arun Iyengar,et al.  Improving Web Server Performance by Caching Dynamic Data , 1997, USENIX Symposium on Internet Technologies and Systems.

[12]  Daniel A. Reed,et al.  NCSA's World Wide Web Server: Design and Performance , 1995, Computer.

[13]  Jeffrey C. Mogul,et al.  The case for persistent-connection HTTP , 1995, SIGCOMM '95.

[14]  Debanjan Saha,et al.  Transport layer security: how much does it really cost? , 1999, IEEE INFOCOM '99. Conference on Computer Communications. Proceedings. Eighteenth Annual Joint Conference of the IEEE Computer and Communications Societies. The Future is Now (Cat. No.99CH36320).

[15]  조위덕 Cryptography , 1987, The Official (ISC)2 SSCP CBK Reference.

[16]  Arun Iyengar,et al.  A publishing system for efficiently creating dynamic Web content , 2000, Proceedings IEEE INFOCOM 2000. Conference on Computer Communications. Nineteenth Annual Joint Conference of the IEEE Computer and Communications Societies (Cat. No.00CH37064).

[17]  Guerney D. H. Hunt,et al.  Network Dispatcher: A Connection Router for Scalable Internet Services , 1998, Comput. Networks.

[18]  Radia J. Perlman,et al.  Network security - private communication in a public world , 2002, Prentice Hall series in computer networking and distributed systems.