Service A is an agnostic service that currently uses message-layer security implemented by symmetric encryption. However, because Service A has recently been successfully attacked, it has been decided that asymmetric encryption needs to be used instead. The nature of the messages exchanged by Service A requires that only some parts of the message data need to be encrypted. Although it is agreed that asymmetric encryption is required, architects are concerned that it will adversely affect the service's runtime performance. Which of the following approaches will fulfill these security requirements with the least amount of performance degradation?
Currently there are no comments in this discussion, be the first to comment!