摘要
TLS(transport layer security)协议的基本设计目标是为两个通信实体之间提供数据的保密性和完整性.由于在传输层安全握手协议中最耗费计算资源的步骤是服务器RSA解密运算,优化的批处理的RSA方法提出可以用于加速 TLS 会话的初始化.首先指出了以前的批处理方法由于要求多证书实现而实用性不强.然后提出了单一证书策略的方法,从而克服了这一问题.还提出结合用户对于因特网服务质量的要求优化了批处理参数.为了选择优化的批处理的参数,不仅考虑了服务器的性能,而且还考虑了客户可容忍的等待时间.通过分析并在阐述平均排队时间、批处理服务时间和系统稳定性的基础上提出了一种新颖的优化批处理调度算法,已部署在服务器上.最后通过分析和模拟两种方法验证了所提出方案的实用性和有效性.
The primary goal of the Transport Layer Security (TLS) protocol is to provide confidentiality and data integrity between two communicating entities. Since the most computationally expensive step in the TLS handshake protocol is the server's RSA decryption, it is introduced that optimal batch RSA can be used to speedup TLS session initialization. This paper first indicates that the previous batch method is impractical since it requires a multiple of certificates, then it proposes the unique certificate scheme to overcome the problem. It is also introduced that the batching parameter is optimized when integrating users' requirements for Interact Quality of Service (QoS). To select the optimal batching parameters, not only the server's performance but also the client's tolerable waiting time is considered. Based on the analysis of the mean queue time, batching service time and the stability of the system, a novel batch optimal scheduling algorithm which is deployed in a batching Web server is proposed. Finally, the proposed algorithm is evaluated to be practical and efficient through both analysis and simulation studies.
出处
《软件学报》
EI
CSCD
北大核心
2007年第6期1522-1530,共9页
Journal of Software
基金
国家自然科学基金No.60503007
the CityU Research Project(APR)9610027
国家重点基础研究发展计划(973)No.2003CB317003
2006年度教育部"新世纪优秀人才支持计划"No.NCET-06-0686~~
