[cgl_discussion] RE: [cgl_specs] Latest draft on security
requirements
Mika Kukkonen
mika at osdl.org
Mon Nov 18 15:15:04 PST 2002
Just commenting one part (that I understand :-)
On pe, 2002-11-15 at 16:21, Makan Pourzandi (LMC) wrote:
> Hi Florence,
(...)
> > -----Original Message-----
> > From: Florence.Hussy at alcatel.fr [mailto:Florence.Hussy at alcatel.fr]
(...)
> > Page 6, Carrier grade context, minimum performance degradation:
> > It may be very difficult for some of the features described
> > in the document
> > to achieve the target of 5% / 10%. It should be stated that security
> > features having a significant impact on the performance of the system
> > should be configurable
> >
>
> Definitely, we have to discuss whether we want to put numbers or not.
> In my experience, during my discussions with development people when
> trying to sell them the security, this is a major issue. Whatever you
> tell them, the final decision depends greatly on the answer to the
> following question "what is the impact of all this on response
> time/performance... ?" It seems that the performance degradation is
> one of the major issues that distinguishes CGL from other kinds of
> servers. Do we want to go further and give numbers or not?
Yes, I still think we should for non-technical reasons stick to the
4-tier approach already in the document, i.e.:
1) no security features
2) security features with little (<1%) or no performance impact
3) security features with moderate impact, i.e. 5-10% hit
4) maximum amount of security features without worrying about their
performance cost
This makes it possible for non-technical people to make decisions :-)
--MiKu
--
"Good ideas do not die, they just lie down and get recycled." -- me
More information about the cgl_discussion
mailing list