Performance study of software-based iSCSI security

Shuang Yi Tang, Ying Ping Lu, David H Du

Research output: Chapter in Book/Report/Conference proceedingConference contribution

17 Scopus citations

Abstract

In this paper, we study possible iSCSI security different security requirements. To evaluate the performance of different security schemes, we conduct performance experiments using a software-based iSCSI implementation with proper security extensions. In data encryption schemes, we consider two alternatives, IP Security Protocol (IPSec) and Secure Socket Layer (SSL), and compare the resulting iSCSI performances with these two schemes. We find that the software-based iSCSI implementation offers reasonable throughput with a 2 GHz CPU at the network speed of 100Mbps; however, with a 1 GHz CPU, the software implementation is not capable of providing sufficient throughput with triple-DES encrypted storage data. In addition, we also find that IPSec ESP scheme has better performance when the requested data size is small, compared to SSL. Given that both performance and security are critical issues in the deployment of iSCSI, it is important to understand the tradeoffs between them. We believe that this study sheds some helpful light on this understanding.

Original languageEnglish (US)
Title of host publicationProceedings - 1st International IEEE Security in Storage Workshop, SISW 2002
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages70-79
Number of pages10
ISBN (Electronic)0769518885, 9780769518886
DOIs
StatePublished - Jan 1 2003
Event1st International IEEE Security in Storage Workshop, SISW 2002 - Greenbelt, United States
Duration: Dec 11 2002 → …

Publication series

NameProceedings - 1st International IEEE Security in Storage Workshop, SISW 2002

Other

Other1st International IEEE Security in Storage Workshop, SISW 2002
CountryUnited States
CityGreenbelt
Period12/11/02 → …

Fingerprint Dive into the research topics of 'Performance study of software-based iSCSI security'. Together they form a unique fingerprint.

Cite this