A novel mechanism for improving performance and security of TCP flows over satellite links

Abstract

Satellite based broadband networks are gaining importance due to their distance insensitivity and high bandwidth availability. Although it is possible to transmit Internet traffic through satellite network, it has been observed that many of the IP related protocols (especially transmission control protocol) do not perform well in the satellite environment due to the high latency and variable round trip time (RTT) offered by the satellite network. Some of the researchers have suggested using performance enhancement proxies (PEP) at strategic locations to improve the transmission control protocol (TCP) performance over the satellite network. However usage of end-to-end security mechanism like IPSec affects the PEP's functioning as the encryption mechanisms generally hide the TCP header information along with the data from intermediate nodes. While other approaches suggest either establishing multiple security associations or sacrificing end-to-end security by using less secure mechanisms like secure shell (SSL) or transport layer security (TLS), the authors of this paper propose a simpler solution for PEP and end-to-end security coexistence. The proposed solution achieves the coexistence of PEP and end-to-end security with minimal overhead as compared to the solutions proposed by other researchers. Initial analysis carried out by the authors indicates a significant overhead reduction and performance improvement in the proposed solution as compared to the other approaches