Limits...
Quality of protection evaluation of security mechanisms.

Ksiezopolski B, Zurek T, Mokkas M - ScientificWorldJournal (2014)

Bottom Line: The methodology of our model preparation is described and based on it the case study analysis is presented.We support our method by the tool where the models can be defined and QoP evaluation can be performed.Finally, we have modelled TLS cryptographic protocol and presented the QoP security mechanisms evaluation for the selected versions of this protocol.

View Article: PubMed Central - PubMed

Affiliation: Institute of Computer Science, Maria Curie-Sklodowska University, Plac Marii Curie-Sklodowskiej 5, 20-031 Lublin, Poland ; Polish-Japanese Institute of Information Technology, Koszykowa 86, 02-008 Warsaw, Poland.

ABSTRACT
Recent research indicates that during the design of teleinformatic system the tradeoff between the systems performance and the system protection should be made. The traditional approach assumes that the best way is to apply the strongest possible security measures. Unfortunately, the overestimation of security measures can lead to the unreasonable increase of system load. This is especially important in multimedia systems where the performance has critical character. In many cases determination of the required level of protection and adjustment of some security measures to these requirements increase system efficiency. Such an approach is achieved by means of the quality of protection models where the security measures are evaluated according to their influence on the system security. In the paper, we propose a model for QoP evaluation of security mechanisms. Owing to this model, one can quantify the influence of particular security mechanisms on ensuring security attributes. The methodology of our model preparation is described and based on it the case study analysis is presented. We support our method by the tool where the models can be defined and QoP evaluation can be performed. Finally, we have modelled TLS cryptographic protocol and presented the QoP security mechanisms evaluation for the selected versions of this protocol.

Show MeSH
Example enterprise network architecture.
© Copyright Policy - open-access
Related In: Results  -  Collection


getmorefigures.php?uid=PMC4127209&req=5

fig2: Example enterprise network architecture.

Mentions: In this section we are going to present a case study of the QoP evaluation of security mechanisms for the TLS Handshake protocol. The TLS protocol is used each day in real business situations in the actual enterprise environment. Given the enterprise network infrastructure in Figure 2, one should analyse different roles which refer to different levels of the quality of protection of used security mechanisms. The users are allowed to access e-mail, FTP, web, and application servers with the communication channel protected by means of the TLS protocol at a different QoP level. The utilized versions of the TLS protocol together with equivalent cryptographic algorithms are summarized in Table 7.


Quality of protection evaluation of security mechanisms.

Ksiezopolski B, Zurek T, Mokkas M - ScientificWorldJournal (2014)

Example enterprise network architecture.
© Copyright Policy - open-access
Related In: Results  -  Collection

Show All Figures
getmorefigures.php?uid=PMC4127209&req=5

fig2: Example enterprise network architecture.
Mentions: In this section we are going to present a case study of the QoP evaluation of security mechanisms for the TLS Handshake protocol. The TLS protocol is used each day in real business situations in the actual enterprise environment. Given the enterprise network infrastructure in Figure 2, one should analyse different roles which refer to different levels of the quality of protection of used security mechanisms. The users are allowed to access e-mail, FTP, web, and application servers with the communication channel protected by means of the TLS protocol at a different QoP level. The utilized versions of the TLS protocol together with equivalent cryptographic algorithms are summarized in Table 7.

Bottom Line: The methodology of our model preparation is described and based on it the case study analysis is presented.We support our method by the tool where the models can be defined and QoP evaluation can be performed.Finally, we have modelled TLS cryptographic protocol and presented the QoP security mechanisms evaluation for the selected versions of this protocol.

View Article: PubMed Central - PubMed

Affiliation: Institute of Computer Science, Maria Curie-Sklodowska University, Plac Marii Curie-Sklodowskiej 5, 20-031 Lublin, Poland ; Polish-Japanese Institute of Information Technology, Koszykowa 86, 02-008 Warsaw, Poland.

ABSTRACT
Recent research indicates that during the design of teleinformatic system the tradeoff between the systems performance and the system protection should be made. The traditional approach assumes that the best way is to apply the strongest possible security measures. Unfortunately, the overestimation of security measures can lead to the unreasonable increase of system load. This is especially important in multimedia systems where the performance has critical character. In many cases determination of the required level of protection and adjustment of some security measures to these requirements increase system efficiency. Such an approach is achieved by means of the quality of protection models where the security measures are evaluated according to their influence on the system security. In the paper, we propose a model for QoP evaluation of security mechanisms. Owing to this model, one can quantify the influence of particular security mechanisms on ensuring security attributes. The methodology of our model preparation is described and based on it the case study analysis is presented. We support our method by the tool where the models can be defined and QoP evaluation can be performed. Finally, we have modelled TLS cryptographic protocol and presented the QoP security mechanisms evaluation for the selected versions of this protocol.

Show MeSH