Modeling and Tuning Security from a Quality of Service Perspective

Abstract: Security has traditionally been thought of as a system or network attribute that was the result of the joint endeavors of the designer, maintainer and user, among others. Even though security can never reach a level of 100%, the aim has been to provide as much security as possible, given the boundary conditions in question. With the advent of, e.g., many low-power computing and communication devices it has become desirable to trade security against other system parameters, such as performance and power consumption. Thus, in many situations, tunable or selectable security, rather than maximal security, is desirable. The overall focus of this thesis is therefore how security with a tunable level could be achieved and traded against other parameters. To this end, basic security primitives, such as the intrusion process, flaws, and impairments, are studied. This contributes to a deeper understanding of fundamental problems and paves the way for security modeling. This part of the work provides a great deal of experimental data that are also used for modeling purposes. Attempts to model and systemize security are made based on the knowledge thus achieved. The relation between security and dependability is touched upon, and the use of physical separation to achieve certain desirable security properties is pointed out. However, most of the modeling research is devoted to suggesting methods for achieving different security levels, i.e., tuning security, in particular for networked applications. Here, the widespread Quality of Service (QoS) concept turns out to be a proper means to embed this novel concept, and a taxonomy for tunable data protection services is suggested. Two data protection services are developed in order to test and verify the concept of tunable security. The evaluations are limited to networked applications and confidentiality through selective encryption schemes. The tests show good agreement between experimental and theoretical results.It is clear that future applications will require security that can be set to a desired level in order to optimize total system performance. This thesis shows that this is possible and gives some ideas as to how selectable security can be generally attainable.