Evaluating Software Complexity Measures
IEEE Transactions on Software Engineering
The PEPA workbench: a tool to support a process algebra-based approach to performance modelling
Proceedings of the 7th international conference on Computer performance evaluation : modelling techniques and tools: modelling techniques and tools
Performance and reliability analysis of computer systems: an example-based approach using the SHARPE software package
A compositional approach to performance modelling
A compositional approach to performance modelling
Probabilistic modelling
Performance Analysis of Communication Systems with Non-Markovian Stochastic Petri Nets
Performance Analysis of Communication Systems with Non-Markovian Stochastic Petri Nets
Performance of Computer Communication Systems: A Model-Based Approach
Performance of Computer Communication Systems: A Model-Based Approach
Performance Modelling with Deterministic and Stochostic Petri Nets
Performance Modelling with Deterministic and Stochostic Petri Nets
Towards a Framework for Software Measurement Validation
IEEE Transactions on Software Engineering
The Möbius Framework and Its Implementation
IEEE Transactions on Software Engineering
Petri Net Modelling and Performability Evaluation with TimeNET 3.0
TOOLS '00 Proceedings of the 11th International Conference on Computer Performance Evaluation: Modelling Techniques and Tools
Modeling and Quantification of Security Attributes of Software Systems
DSN '02 Proceedings of the 2002 International Conference on Dependable Systems and Networks
Basic Concepts and Taxonomy of Dependable and Secure Computing
IEEE Transactions on Dependable and Secure Computing
Model-Based Evaluation: From Dependability to Security
IEEE Transactions on Dependable and Secure Computing
A Compositional Approach to Performance Modelling (Distinguished Dissertations in Computer Science)
A Compositional Approach to Performance Modelling (Distinguished Dissertations in Computer Science)
Security Metrics: Replacing Fear, Uncertainty, and Doubt
Security Metrics: Replacing Fear, Uncertainty, and Doubt
On Evaluating the Performability of Degradable Computing Systems
IEEE Transactions on Computers
AINAW '08 Proceedings of the 22nd International Conference on Advanced Information Networking and Applications - Workshops
Electronic Notes in Theoretical Computer Science (ENTCS)
Quantified security is a weak hypothesis: a critical survey of results and assumptions
NSPW '09 Proceedings of the 2009 workshop on New security paradigms workshop
Performance analysis of email systems under three types of attacks
Performance Evaluation
Efficient solutions of a PEPA model of a key distribution centre
Performance Evaluation
Experience report: trading dependability, performance, and security through temporal decoupling
Proceedings of the 11th IFIP WG 6.1 international conference on Distributed applications and interoperable systems
Performance Related Security Modelling and Evaluation of RANETs
Wireless Personal Communications: An International Journal
An Exposition of Performance-Security Trade-offs in RANETs Based on Quantitative Network Models
Wireless Personal Communications: An International Journal
Hi-index | 0.00 |
A tradeoff is a situation that involves losing one quality or aspect of something in return for gaining another quality or aspect. Speaking about the tradeoff between performance and security indicates that both, performance and security, can be measured, and that to increase one, we have to pay in terms of the other. While established metrics for performance of systems exist this is not quite the case for security. In this chapter we present standard performance metrics and discuss proposed security metrics that are suitable for quantification. The dilemma of inferior metrics can be solved by considering indirect metrics such as computation cost of security mechanisms. Security mechanisms such as encryption or security protocols come at a cost in terms of computing resources. Quantification of performance has long been done by means of stochastic models. With growing interest in the quantification of security stochastic modelling has been applied to security issues as well. This chapter reviews existing approaches in the combined analysis and evaluation of performance and security. We find that most existing approaches take either security or performance as given and investigate the respective other. For instance [34] investigates the performance of a server running a security protocol, while [21] quantifies security without considering the cost of increased security. For special applications, mobile Ad-hoc networks in [5] and the email system in [32] we will see that models exist which can be used to explore the performance-security tradeoff. To illustrate general aspects of the security-performance tradeoff we set up a simple Generalised Stochastic Petri Net (GSPN) model that allows us to study both, performance and security and especially the tradeoff between both. We formulate metrics, such as cost and an abstract combined performance and security measure that explicitly express the tradeoff and we show that system parameters can be found that optimise those metrics. These parameters are optimal for neither performance nor security, but for the combination of both.