Implementation and performance evaluation of embedded IPsec in microkernel OS

2015 World Symposium on Computer Networks and Information Security (WSCNIS) Pub Date : 2015-09-01 DOI:10.1109/WSCNIS.2015.7368294

Mohammad Hamad, V. Prevelakis

{"title":"Implementation and performance evaluation of embedded IPsec in microkernel OS","authors":"Mohammad Hamad, V. Prevelakis","doi":"10.1109/WSCNIS.2015.7368294","DOIUrl":null,"url":null,"abstract":"The rapid development of the embedded systems and the wide use of them in many sensitive fields require safeguarding their communications. Internet Protocol Security (IPsec) is widely used to solve network security problems by providing confidentiality and integrity for the communications in the network, but it introduces communication overhead. This overhead becomes a critical factor with embedded systems because of their low computing power and limited resources. In this research, we studied the overhead of using embedded IPsec in constrained resource systems, which run microkernel operating system (OS), in terms of the network latency and throughput. To conduct our experiment first, we ran the test with an unmodified network stack, and then we ran the same test with the modified network stack which contains the IPsec implementation. Later, we compared the results obtained from these two sets of experiments to examine the overhead. Our research demonstrated that the overhead imposed by IPsec protocols is small and well within the capabilities of even low cost microcontrollers such as the one used in the Raspberry Pi computer.","PeriodicalId":253256,"journal":{"name":"2015 World Symposium on Computer Networks and Information Security (WSCNIS)","volume":"43 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 World Symposium on Computer Networks and Information Security (WSCNIS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/WSCNIS.2015.7368294","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 6

Abstract

The rapid development of the embedded systems and the wide use of them in many sensitive fields require safeguarding their communications. Internet Protocol Security (IPsec) is widely used to solve network security problems by providing confidentiality and integrity for the communications in the network, but it introduces communication overhead. This overhead becomes a critical factor with embedded systems because of their low computing power and limited resources. In this research, we studied the overhead of using embedded IPsec in constrained resource systems, which run microkernel operating system (OS), in terms of the network latency and throughput. To conduct our experiment first, we ran the test with an unmodified network stack, and then we ran the same test with the modified network stack which contains the IPsec implementation. Later, we compared the results obtained from these two sets of experiments to examine the overhead. Our research demonstrated that the overhead imposed by IPsec protocols is small and well within the capabilities of even low cost microcontrollers such as the one used in the Raspberry Pi computer.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

嵌入式IPsec在微内核操作系统中的实现及性能评价

嵌入式系统的迅速发展和在许多敏感领域的广泛应用要求对其通信进行安全保护。IPsec (Internet Protocol Security)通过为网络中的通信提供保密性和完整性，被广泛用于解决网络安全问题，但它带来了通信开销。这种开销成为嵌入式系统的一个关键因素，因为它们的计算能力较低，资源有限。在本研究中，我们从网络延迟和吞吐量方面研究了在运行微内核操作系统(OS)的受限资源系统中使用嵌入式IPsec的开销。为了进行实验，我们首先使用未修改的网络堆栈运行测试，然后使用包含IPsec实现的修改后的网络堆栈运行相同的测试。稍后，我们比较了从这两组实验中获得的结果，以检查开销。我们的研究表明，IPsec协议带来的开销很小，甚至在低成本微控制器(如Raspberry Pi计算机中使用的微控制器)的能力范围内。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

2015 World Symposium on Computer Networks and Information Security (WSCNIS)

自引率

0.00%

发文量