Performance Evaluation of Security Services: An Experimental Approach

Recent advances in wireless technologies have enabled pervasive connectivity to Internet scale systems which include heterogeneous mobile devices, such as mobile phones and personal digital assistants, a trend which is generally referred to as ubiquitous computing. This leads to the need for providing security functions to applications which are partially deployed over wireless devices. Delivering security services to mobile devices raises a number of challenging issues, mostly related to the limited amount of computing power which is typically available on the target plat-forms. Some promising solutions rely on multi-tier architectures, which are based on the emerging Web services technology. In this scenario, understanding the impact of architectural characteristics of specific platforms is a key issue for practitioners who have to develop and deploy efficient security-enabled applications on mobile devices. This paper provides an experimental study of the impact that specific characteristics of individual mobile device platforms have on the final performance of security applications. Focus is on performance and resource utilization, which are key aspects when one develops applications on mobile devices. The case study is a Web services based solution for delivering public key infrastructure (PKI) services to mobile devices. Experiments have been conducted on three different mobile terminals, which span a large range of characteristics in the class of resource-constrained devices. Results show that: i) performance figures are not uniform in spite of similar underlying hardware characteristics, and ii) security and performance are often conflicting requirements