Title :
Securing electronic commerce: reducing the SSL overhead
Author :
Apostolopoulos, George ; Peris, Vinod ; Pradhan, Prashant ; Saha, Debanjan
Author_Institution :
Redback Networks, USA
Abstract :
The last couple of years have seen a growing momentum toward using the Internet for conducting business. Web-based electronic commerce applications are one of the fastest growing segments of the Internet today. A key enabler for e-commerce applications is the ability to setup secure private channels over a public network. The Secure Sockets Layer protocol provides this capability and is the most widely used security protocol in the Internet. We take a close look at the working principles behind SSL with an eye on performance. We benchmark two of the popular Web servers in wide use in a number of large e-commerce sites. Our results show that the overheads due to SSL can make Web servers slower by a couple of orders of magnitude. We investigate the reason for this deficiency by instrumenting the SSL protocol stack with a detailed profiling of the protocol processing components. In light of our observations, we outline architectural guidelines for large e-commerce sites
Keywords :
Internet; electronic commerce; protocols; search engines; security of data; telecommunication security; Internet; SSL overhead reduction; SSL protocol stack; Secure Sockets Layer protocol; Web servers; Web-based electronic commerce applications; architectural guidelines; business; e-commerce applications; e-commerce sites; electronic commerce security; performance; protocol processing; public network; secure private channels; security protocol; Authentication; Electronic commerce; Internet; Optical coupling; Optical fiber networks; Privacy; Security; Sockets; Transport protocols; Web server;
Journal_Title :
Network, IEEE
