[Help] Last update at http://inet.nttam.com : Mon Aug 7 21:40:35 1995

Abstract -- Post-NSFNET Statistics Collection Network and Application Engineering Track
N6: High Speed Wide Area Networks

[Previous] [Table [Next]
[Paper [Paper

Post-NSFNET Statistics Collection

Claffy, K. ( kc@upeksa.sdsc.edu)
Braun, Hans-Werner ( hwb@upeksa.sdsc.edu)


We illustrate the measured interference of network security mechanisms with network performance. In particular, using encryption, such as that offered by Kerberos for interactive rlogin sessions, can have a significant adverse impact in situations where lower network layers (e.g., modems) try to perform compression to optimize transmission performance. Such interaction between network layers poses an acute problem for low-speed (e.g., dial-up) lines. Although it is no surprise that encryption precludes the ability to perform subsequent compression, it is worth examining its implication for the recent popularity of adding network security mechanisms to extant applications. The example we show is symbolic of a more general issue in distributed system engineering: if both security and performance are design goals, security cannot be an afterthought without expecting a significant loss in performance. We must thus design security as well as performance into the architecture, rather than on top of it.