论文信息 - ANALYTICAL MODEL OF IPSEC PROCESS THROUGHPUT

ANALYTICAL MODEL OF IPSEC PROCESS THROUGHPUT

The paper concerns with a throughput of securing process which cannot be described neither by a constant value of bits per second nor by a constant value of packets per second over the range of packet sizes. We propose general throughput model of IPsec process based on characteristic parameters that are independent on the packet size. These parameters might be used for comprehensive definition of throughput on any security system. Further, a method for obtaining characteristic parameters is proposed. Usage of the method can significantly decrease count of throughput measurements required for modelling the system.

Ivan Baronak | Adam Tisovsky

[1] William Stallings Zhu,et al. Network Security Essentials : Applications and Standards , 2007 .

[2] Sandeep Malik,et al. Performance enhancement for IPsec processing on multi-core systems , 2011, 2011 National Conference on Communications (NCC).

[3] Christian Benvenuti. Understanding Linux Network Internals , 2005 .

[4] Jens-Peter Kaps,et al. Efficient Hardware Accelerator for IPSec Based on Partial Reconfiguration on Xilinx FPGAs , 2011, 2011 International Conference on Reconfigurable Computing and FPGAs.

[5] Lazaros F. Merakos,et al. A generic characterization of the overheads imposed by IPsec and associated cryptographic algorithms , 2006, Comput. Networks.

[6] Angelos D. Keromytis,et al. The Design of the {OpenBSD} Cryptographic Framework , 2003, USENIX Annual Technical Conference, General Track.

[7] Miroslav Voznak,et al. Web-based IP telephony penetration system evaluating level of protection from attacks and threats , 2011 .

[8] William Stallings,et al. Network Security Essentials: Applications and Standards , 1999 .

[9] Hugo Krawczyk,et al. A Security Architecture for the Internet Protocol , 1999, IBM Syst. J..

[10] Mohey M. Hadhoud,et al. Evaluating the Effects of Symmetric Cryptography Algorithms on Power Consumption for Different Data Types , 2010, Int. J. Netw. Secur..

[11] Chuang Lin,et al. Towards High-Performance IPsec on Cavium OCTEON Platform , 2010, INTRUST.