Performance Analysis of Secure Web Server Based on SSL

  • Xiaodong Lin
  • Johnny W. Wong
  • Weidong Kou
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1975)


In recent years, protocols have been developed to ensure secure communications over the Internet, e.g., the secure sockets layer (SSL) and secure electronic transaction (SET). Deployment of these protocols incurs additional resource requirements at the client and server. This may have a negative impact on system performance. In this paper, we consider a scenario where users request information pages stored on a web server, and some of the requests require secure communication. An analytic model is developed to study the performance of a web server based on SSL. In our model, the details of the client-server interactions found in a typical SSL session are represented explicitly. Input parameters to this model are obtained by measuring an existing SSL implementation. Numerical examples on the performance characteristics of SSL are presented.


Service Time Secure Communication Secure Socket Layer Transport Layer Security Delay Server 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Gregory B. White, Eric A. Fisch, Udo W. Pooch. Computer System and Network Security. CRC Press, Inc., New York, 1996.zbMATHGoogle Scholar
  2. 2.
    Kipp E.B. Hickman. SSL 2.0 Protocol Specification. February 1995.
  3. 3.
    Alan O. Freier, Philip Karlton, Paul C. Kocher. SSL 3.0 Protocol Specification. March 1996.
  4. 7.
    MasterCard International Incorporated, Visa International. The SET Specification 1.0, Dec. 1997.
  5. 8.
    Arthur Goldberg, Robert Buff, Andrew Schmitt. Secure Web Server Performance Dramatically Improved by Caching SSL Session Keys.Workshop on Internet Server Performance, SIGMETRICS’ 98, Madison, Wisconsin, June 1998.Google Scholar
  6. 9.
    George Apostolopoulos, Vinod Peris, Debanjan Saha. Transport Layer Security: How much does it really cost? Proc. INFOCOM’ 99, New York, March 1999.Google Scholar
  7. 10.
    The Standard Performance Evaluation Corporation. SPECweb96 Benchmark, 1996.
  8. 11.
    Chris Le Tocq, Steve Young. Set Comparative Performance Analysis: Gartner Group White Paper.
  9. 12.
    T.J. Hudson, E.A. Young. SSLeay Programmer Reference. January 1996.
  10. 13.
    T. Dierks, C. Allen. RFC2246: The TLS Protocol Version 1.0, January 1999.Google Scholar
  11. 14.
    F. Baskett, K.M. Chandy, R.R. Muntz, F.G. Palacios. Open, Closed and Mixed Network of Queues with Different Classes of Customers. Journal of the ACM 22(2), April 1975, 248–260.zbMATHCrossRefMathSciNetGoogle Scholar
  12. 15.
    J.D. Little. A Proof of the Queueing Formula L = λW. Operations Research 9(3), 1961, 383–387.zbMATHMathSciNetCrossRefGoogle Scholar
  13. 16.
    W. Richard Stevens. UNIX Network Programming, Volume 1, Second Edition: Networking APIs: Sockets and XTI. Prentice Hall, Upper Saddle River, New Jersey, 1998.Google Scholar
  14. 17.
    A.J. Menezes, P.C. van Oorschot, S.A. Vanstone. Handbook of Applied Cryptography. CRC Press, New York, 1997.zbMATHGoogle Scholar
  15. 18.
    J.W. Wong. Queueing Network Models for Computer Systems. Ph.D. thesis, University of California at Los Angeles, 1975.Google Scholar
  16. 19.
    Rainbow Technologies Company. Secure Web Server and VPN (IPSec) Acceleration.
  17. 20.
    Special Issue on Web Performance, IEEE Network 14(3), May/June 2000.Google Scholar
  18. 21.
    The Standard Performance Evaluation Corporation. SPECweb99 Benchmark, 1999.
  19. 22.
    R. Hariharan, W. K. Ehrlich, D. Cura, P. K. Reeser. End to End Performance Modeling of Web Server Architectures. Performance Evaluation Review 28(2) September 2000, 57–63.CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2000

Authors and Affiliations

  • Xiaodong Lin
    • 1
  • Johnny W. Wong
    • 1
  • Weidong Kou
    • 2
  1. 1.Department of Computer ScienceUniversity of WaterlooWaterloo, OntarioCanada
  2. 2.E-Business Technology InstituteUniversity of Hong KongHong Kong

Personalised recommendations