Above calculation shows that the Audit Bus substantially adds to the cost. Here's the same calculation without Audit Bus.
Table 6:Table 6.3: Cost of TAS3 single use scenario without auditing
| Operation | IdP + Disc. | Frontend | FE PDP | Responder | Rs PDP |
|---|---|---|---|---|---|
| 1. SSO | 1T+2S+2X=5.5 | 3T+2S+4X=10.5 | T+S+2X+Z=5 | ||
| 2. Discovery | 1T+2S+2X=5.5 | T+S+X=3.5 | |||
| 3. Trust & Priv. | T+2X=3.5 | T+2X=3.5 | |||
| 4. Rq Out PEP | T+2X=3.5 | 1T+1S+3X+1Z=6 | |||
| 5. Send request | 1T+1S+1X=3.5 | 1T+2S+1X=4.5 | |||
| 6. Rs In PEP | T+2X=3.5 | 1T+1S+3X+1Z=6 | |||
| 7. Payload | 0 | ||||
| 8. Rs Out PEP | T+2X=3.5 | 1T+1S+3X+1Z=6 | |||
| 9. Send response | S+X=2 | S+X=2 | |||
| 10. Rq In PEP | T+2X=3.5 | T+S+3X+Z=6 | |||
| 11. Process Obli | T+X=2.5 | T+X=2.5 | |||
| 12. SLO | T+S+2X=4.5 | T+S+2X=4.5 | |||
| TOTAL | 4T+5S+8X=19 | 9T+6S+14X=33.5 | 3T+3S+8X+3Z=17 | 4T+3S+7X=16 | 3T+2S+8X+2Z=15.5 |
The grand total without auditing is 23T+19S+45X+5Z=101 RSA operation equivalents. As can be seen, the Audit Bus represents 63% of the total cost. Most of the Audit Bus cost is actually caused by requirement to contact the bus and authorize the sending of messages. A future revision of the architecture will explore the possibility of persistent connection to the Audit Bus. This would significantly reduce the T, t, S, and Z aspects of the Audit Bus processing, though at least one signature overhead will be needed at the message source to ensure untamperability of the audit trail.
Another optimization would be to improve the authorization step of the Audit Bus, perhaps co-locating the Audit Bus PDP with the Audit Bus itself.