Performance Issues
It should come as no surprise that data transfer with SSL, on account of all the cryptographic processing, is slower than TCP. Security doesn't come free. Given that, you, an implementer and designer, should understand the extent and nature of this slowness and be able to assess its impact on user experience or response time and system capacity or number of concurrent users. As SSL adds no additional functionality on top of TCP, it is fairly straightforward to get an idea of the overhead by simply running the same program twice, once over TCP and then over SSL. We use a simple benchmark program, consisting of a client and server, to observe the overhead of SSL for making connections and for exchanging messages.
However, you ...
Get J2EE™ Security for Servlets, EJBs and Web Services: Applying Theory and Standards to Practice now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
