Hierarchical Modeling of Availability in Distributed Systems
IEEE Transactions on Software Engineering
A security model for dynamic adaptive traffic masking
NSPW '97 Proceedings of the 1997 workshop on New security paradigms
Dependability: Basic Concepts and Terminology
Dependability: Basic Concepts and Terminology
Simulating Highly Dependable Applications in a Distributed Computing Environment
ANSS '03 Proceedings of the 36th annual symposium on Simulation
An Empirical Study of Secure MPEG Video Transmissions
SNDSS '96 Proceedings of the 1996 Symposium on Network and Distributed System Security (SNDSS '96)
Availability Analysis Of Transaction Processing Systems Based On User-Perceived Performance
SRDS '97 Proceedings of the 16th Symposium on Reliable Distributed Systems
Basic Concepts and Taxonomy of Dependable and Secure Computing
IEEE Transactions on Dependable and Secure Computing
Intrusion-Tolerant Middleware: The Road to Automatic Security
IEEE Security and Privacy
Mayday: distributed filtering for internet services
USITS'03 Proceedings of the 4th conference on USENIX Symposium on Internet Technologies and Systems - Volume 4
StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
On Evaluating the Performability of Degradable Computing Systems
IEEE Transactions on Computers
Low-resource routing attacks against tor
Proceedings of the 2007 ACM workshop on Privacy in electronic society
Opportunistic Encryption: A Trade-Off between Security and Throughput in Wireless Networks
IEEE Transactions on Dependable and Secure Computing
User-Perceived Service Availability: A Metric and an Estimation Approach
ICWS '09 Proceedings of the 2009 IEEE International Conference on Web Services
Performability analysis method from reliability and availability
Proceedings of the 2009 International Conference on Hybrid Information Technology
Intrusion-tolerant architectures: concepts and design
Architecting dependable systems
Performance and security tradeoff
SFM'10 Proceedings of the Formal methods for quantitative aspects of programming languages, and 10th international conference on School on formal methods for the design of computer, communication and software systems
A generic proxy for secure smart card-enabled web applications
ICWE'10 Proceedings of the 10th international conference on Web engineering
Adaptive run-time performance optimization through scalable client request rate control
Proceedings of the 2nd ACM/SPEC International Conference on Performance engineering
Modeling user-perceived service availability
ISAS'05 Proceedings of the Second international conference on Service Availability
An architectural framework for analyzing tradeoffs between software security and performance
ISARCS'10 Proceedings of the First international conference on Architecting Critical Systems
| Hi-index | 0.00 |
While it is widely recognized that security can be traded for performance and dependability, this trade-off lacks concrete and quantitative evidence. In this experience report we discuss (i) a concrete approach (temporal decoupling) to control the trade-off between those properties, and (ii) a quantitative and qualitative evaluation of the benefits based on an online auction system. Our results show that trading only a small amount of security does not pay off in terms of performance or dependability. Trading security even more first improves performance and later improves dependability.