Article Preview
Top1. Introduction
Service-oriented architecture (SOA) facilitates dynamic organization of needed services to compose a system for performing application functions, where each service communicates with other services through messages. Distributed systems based on SOA are called service-based systems (SBS). Although message-based communication makes SBS easier to use services, the protection of the communication messages is a serious security concern of SBS.
Current research on SOA security mainly focuses on the protection of services from malicious consumers through authentication and authorization (Godik & Moses, 2003; Hallam-Baker & Mysore, 2005; Hallam-Baker & Mysore, 2005; Bajaj et al., 2004; Pashalidis & Mitchell, 2003) and the protection of messages through XML encryption and signature (Mactaggart, 2001). However, the impact of these security mechanisms on the systems' performance has not been well addressed. Security requirements are often in contrast to other performance requirements, like timeliness and throughput, which are usually determined by the availability of system resources. For example, when a VoIP service needs to provide secure voice communication, it sends the voice data to an encryption service, which will encrypt the voice data and then forward the encrypted voice data to the users of VoIP service. The encryption service increases the delay of VoIP service in two ways. First, the VoIP users need to wait for the encryption service to encrypt voice data, which increases the delay. Second, if the VoIP service and the encryption service are hosted on the same server, the encryption service may compete with the VoIP service for system resources, such as CPU and memory, and causes longer delay. Because VoIP service has strict timeliness requirements (Cheng & Li, 2000), without careful control on the encryption service’s negative impact on the VoIP service’s delay, the VoIP service may either do not use the encryption service at all or became useless due to unaffordable delay caused by the encryption service.
In this paper, we will present an adaptive approach to optimizing tradeoff between service performance and security in order to satisfy service performance and security requirements in service-based systems simultaneously (Yau, Ye, Sarjoughian, & Huang, 2008). Typically, the tradeoff between performance and security is implemented through controlling the number of system resources allocated for performance and security. This approach needs to model all system resources and control resource allocation strategy, which is usually controlled by operating systems. Our approach to the tradeoff is to adjust the security parameters, such as key length and encrypting percentage, which are much easier to control. The major distinction between our approach and existing approaches (Lie & Satyanarayanan, 2007; Yurcik, Woolam, Hellings, Khan, & Thuraisingham, 2007; Lu, Lu, Abdelzaher, Stankovic, & Son, 2006; Kang & Son, 2006; Son, Zimmerman, & Hansson, 2000; Spyropoulou, Levin, & Irvine, 2000; Yau, Yan, & Huang, 2007) is that our approach can achieve the best tradeoff by minimizing a tradeoff objective function developed from service performance and security metrics, instead of intuitively trying all possible combinations of security parameters and monitoring the resulting performance and security until the desirable tradeoff is reached. Hence, our approach can achieve the best tradeoff fast and does not need to change security parameters frequently. Our approach is based on a model with a set of metrics to quantitatively measure performance and security and a tradeoff objective function, which enable us to consider performance and security simultaneously. Our approach will be illustrated using a SBS composed of a security service that provides AES encryption for confidentiality and a traffic service that simulates communication in applications.