Devising Secure Sockets Layer-based distributed systems: A performance-aware approach

Sending documents containing sensitive information is commonly performed on distributed systems. To protect the sensitive data in the documents, these documents need to be transmitted over a secure channel. However, secure communications can often increase the data transmission time due to the CPU-intensive operations (e.g. encryption/decryption) that need to be applied to the data before the data transfer. This paper focuses on a performance optimization technique called security sieve, which aims to enhance the performance of SSL/TLS-based data transmission. Security sieve reduces the transmission time of transferring classified documents, which may also contain non-sensitive data, by minimizing the time spent performing the CPU-intensive security-related operations. This paper focuses on highlighting the performance optimization principles/performance patterns that were used and includes a discussion of a prototype implementation. In addition, experimental results are presented to demonstrate the performance enhancement provided by security sieve.