Performance Analysis of Zero-Trust multi-cloud

Simone Rodigari; Donna O'Shea; Pat McCarthy; Martin McCarry; Sean; McSweeney

arXiv:2105.02334·cs.CR·May 7, 2021

Performance Analysis of Zero-Trust multi-cloud

Simone Rodigari, Donna O'Shea, Pat McCarthy, Martin McCarry, Sean, McSweeney

PDF

TL;DR

This paper evaluates the performance impact of implementing Zero Trust security in multi-cloud environments, focusing on latency, CPU, and memory usage using a proposed framework and testing workflow.

Contribution

It introduces the first performance analysis framework for Zero Trust in multi-cloud settings, assessing data plane and control plane impacts.

Findings

01

Istio reduces latency variability in HTTP responses

02

CPU and memory usage increase with service mesh configuration

03

Performance varies across different cloud environments

Abstract

Zero Trust security model permits to secure cloud native applications while encrypting all network communication, authenticating, and authorizing every request. The service mesh can enable Zero Trust using a side-car proxy without changes to the application code. To the best of our knowledge, no previous work has provided a performance analysis of Zero Trust in a multi-cloud environment. This paper proposes a multi-cloud framework and a testing workflow to analyze performance of the data plane under load and the impact on the control plane, when Zero Trust is enabled. The results of preliminary tests show that Istio has reduced latency variability in responding to sequential HTTP requests. Results also reveal that the overall CPU and memory usage can increase based on service mesh configuration and the cloud environment.

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.