Scalable Methodology for Performance-based Selection of Security Services for Distributed Systems

Distributed systems are shared by a large number of users that generate task-based workloads. The sharing of hardware and software by multiple workloads mandates the need for security mechanisms that protect the artifacts of individual tasks. Additionally, these systems must meet user-based performance expectations, a factor that must be addressed during the security service selection process. Current performance-based security service selection methodologies use flat GSPN models that suffer from exponential evaluation complexity as the model size increases. Due to this limitation, these methodologies cannot evaluate models representing the scale of current distributed systems.;To address the evaluation complexity problem the hierarchical methodology presented in this report was designed to avoid the system size limitations of the current flat GSPN model-based methodologies. The methodology relies only on general performance models capable of modeling platform-independent systems designs. The refactoring methodology uses a divide-and-conquer approach to evaluate the entire system model. Using model-refactoring techniques the input model is modified into a hierarchy of subsystem models using abstraction to isolate performance measurement to component level. This technique further increases the effectiveness of the performance evaluation by avoiding the duplicate evaluation of identical components. Therefore increasing the number of alternate security service components results in a linear complexity growth of the entire system model. Thus, the limiting factor of the hierarchical methodology is the size of the largest component rather than the previous system size limitation.;The experimental results show that the hierarchical model-based methodology is able to scale beyond system model sizes that can be evaluated using current flat GSPN-based performance evaluation methodologies. This scalability improvement implies that the hierarchical technique can evaluate models containing up to 50 individual components using the current GSPN tools. Thus the contribution of this hierarchical technique will continue to improve with subsequent advancements in GSPN model evaluation techniques.