We are not able to resolve this OAI Identifier to the repository landing page. If you are the repository manager for this record, please head to the Dashboard and adjust the settings.
PhDAutomated runtime security adaptation has great potential in providing timely and
fine grained security control. In this thesis we study the practical utility of a runtime
security-performance trade off for the pervasive Secure Socket Layer (SSL/TLS)
protocol. To that end we address a number of research challenges.
We develop an Adaptive Security methodology to extend non-adaptive legacy security
systems with adaptive features. We also create a design of such an extended
system to support the methodology. The design aids in identifying additional key
components necessary for the creation of an adaptive security system.
We furthermore apply our methodology to the Secure Socket Layer (SSL) protocol
to create a design and implementation of a practical Adaptive SSL (ASSL) solution
that supports runtime security adaptation in response to cross-cutting environmental
concerns. The solution effectively adapts security at runtime, only reducing maximum
server load by 15% or more depending on adaptation decision complexity.
Next we address the security-performance trade off research challenge. Following
our methodology we conduct an offline study of factors affecting server performance
when security is adapted. These insights allow for the creation of policies that can
trade off security and performance by taking into account the expected future state of
the system under adaptation. In so doing we found that client SSL session duration,
requested file size and current security algorithm play roles predicting future system
state. Notably, performance deviation is smaller when sessions are longer and files
are smaller and vice versa. A complete Adaptive Security solution which successfully
demonstrates our methodology is implemented with trade-off policies and ASSL as
key components. We show that the solution effectively utilises available processing
resources to increase security whilst still respecting performance guarantees
Is data on this page outdated, violates copyrights or anything else? Report the problem now and we will take corresponding actions after reviewing your request.