A Study of Security and Performance Issues in Designing Web-based Applications

Due to the evolution of Internet technology and application popularization, security and performance have become key issues for implementing Web-based applications. Presently, most of the Web-based applications design only consider security issue, but ignore performance problem. According to these two issues, we propose a new approach to integrate security and performance aspects for Web-based applications, called ISPWAD, which combines SWAP and RBAC frameworks. The purposes of proposed ISPWAD are to fix the security holes and improve the processing performance during in designing Web-based applications. In this paper, we propose the ISPWAD framework and design its algorithm, and also illustrate how to implement the secure Web-based applications with tuning performance. Then, we will utilize the ISPWAD to set up a practical EIP system and perform simulations for security solutions and performance improvements. Finally, our experimental results indicate that the proposed ISPWAD can solve related security holes, obtain better processing performance, and reduce development time and cost. In addition, the ISPWAD can attain a good balance-point between security and performance. In the future, the ISPWAD framework can provide a reference model for implementing e-commerce, ERP II, or EIP systems.