What are the trade-off choices between performance and security?

A trade-off decision that many solution architects struggle to make is what requirements to compromise if security and performance requirements conflict? Something which I saw many times in my long career. One point of view is that good user experience is linked primarily to the performance of the system since it does make sense to provide good functionality but without a responsive system. On the other hand, some architects would see that providing a maximum level of security would give a better user experience. This may be true, but have they considered system performance while adding all security measures?

This is a classical architectural problem where an architect needs to deal with trade-offs.  If you are adding data encryption, single sign-on (SSO) solutions, and database encryption, etc …, then you are risking the performance of the system especially if there are specific non-tolerated performance requirements that cannot be met if all security measures are applied.

Here are some questions to ask to discover the best solution

  1. Is it possible to tolerate some of the security/performance requirements?

Some requirements may be tolerated if they are well challenged and costs associated with them are well explained.

  1. What is the nature of the solution (e.g. real-time, web application, intranet site, etc …)?

It will be possible to have reference architecture by identifying the nature of the solution where some of the best practices could be adapted.

  1. Who is going to use the product?

Personas are very important to tailor solutions based on users which can help in trade-off decisions

  1. Will the solution be used by public or internal users?

Public products may require extra security measures, which may not be the case for internal products.

Many users are not fully aware of the cost associated with some of the security or performance requirements.  They may just through their needs overlooking huge costs that may be incurred if some of these requirements are implemented.  So, as a solution architect, you should explain such costs to them.  By doing so, they may consider other alternatives that may be cheaper and satisfying their needs at the same time without implementing their original requirements.

For example, a user may need a response time from a website page to be 0.01 ms.  However, it may be the case that real-time response is not a big deal, and response time could be tolerated for up to 1 second.  In this case, the user can spend less money and get what he needs without compromising the value of the website.

Another example is that when a user wants to encrypt network traffic data for an intranet site where this intranet site is a trusted network.  If there are costs associated with such encryption, then the user may choose not to encrypt and just leave it as normal traffic.

It is sometimes very difficult to satisfy the needs of all the users, but it is not impossible to reach out to a consensus amongst them if all possible alternatives are explained.  A good solution architect should be able to provide good options and make sure that these options are well explained and let the product owner(s) decide.


Document Actions