Next Article in Journal
The Margin of Stability During a Single-Turn Pirouette in Female Amateur Dancers: A Pilot Study
Previous Article in Journal
AttenFlow: Context-Aware Architecture with Consensus-Based Retrieval and Graph Attention for Automated Document Processing
 
 
Font Type:
Arial Georgia Verdana
Font Size:
Aa Aa Aa
Line Spacing:
Column Width:
Background:
Article

Mathematical Modeling and Statistical Evaluation of the Security–Performance Trade-Off in IoT Cloud Architectures: A Case Study of UBT Smart City

1
Faculty of Telecommunications, Technical University of Sofia, 1756 Sofia, Bulgaria
2
Department of Computer Science and Engineering, University for Business and Technology, 10000 Prishtinë, Kosovo
*
Author to whom correspondence should be addressed.
Appl. Sci. 2025, 15(13), 7518; https://doi.org/10.3390/app15137518
Submission received: 22 May 2025 / Revised: 15 June 2025 / Accepted: 25 June 2025 / Published: 4 July 2025

Abstract

This paper presents a mathematical and statistical analysis of the security–performance trade-off in the context of the IoT Cloud architecture implemented at UBT Smart City. Through detailed modeling and real-world measurement data collected before and after the deployment of advanced security measures—such as VPN configuration, Network Security Groups (NSGs), Route Tables, and DDoS Protection—we quantify the impact of security on system performance. We propose a mathematical framework to evaluate the propagation delay of telemetry data through the system and employ queueing theory (M/M/1 model) to simulate the behavior of critical data processing services. Additionally, we perform hypothesis testing and statistical comparison to validate the significance of the observed performance changes. The results show an average delay increase of approximately 19% following the implementation of security mechanisms, highlighting the inevitable trade-off between enhanced security and operational speed. Finally, we introduce a multi-objective cost-delay function that can guide the selection of optimal security configurations by balancing latency and cost, providing a valuable tool for the future optimization of secure IoT infrastructures

1. Introduction

The integration of Internet of Things (IoT) technologies into smart city infrastructures has introduced new levels of automation, data-driven decision-making, and connectivity. However, this progress brings significant challenges related to data security, privacy, and system reliability—especially in cloud-based environments. In the case of UBT Smart City, a cloud-hosted IoT platform has been developed to collect, analyze, and store data from various environmental sensors using Microsoft Azure services. While initial implementations often focus on functional requirements and system scalability, security configurations are frequently addressed at a later stage [1]. As a result, the early architecture of the UBT IoT Cloud permitted unrestricted data flows between services, lacked encryption in transit, and was exposed to potential cyber threats due to public accessibility of critical components. To mitigate these risks, a set of advanced security measures was implemented, including the use of Azure Virtual Networks, Network Security Groups (NSGs), routing tables, public IP restrictions, DDoS protection, and VPN-based access control. Although these changes significantly improved the system’s security posture, they introduced potential overhead in communication latency and increased operational complexity. This paper aims to quantify the impact of these security mechanisms on the overall performance of the system by using a mathematical and statistical approach. We model system behavior through queueing theory, compare pre- and post-implementation delays, and evaluate cost-performance trade-offs using collected data. The ultimate goal is to provide a framework that helps smart city platforms optimize security settings while maintaining acceptable performance levels.
Hypothesis 1.
Implementing advanced security mechanisms in the IoT Cloud architecture causes a statistically significant increase in data processing delay.
Hypothesis 2.
The introduced security measures improve access control and system integrity without causing unsustainable cost escalation.

Background and Related Work

The evolution of smart cities has been largely driven by the adoption of IoT technologies, which facilitate real-time data collection, automated control, and intelligent decision-making across diverse domains such as traffic management, environmental monitoring, energy efficiency, and public safety [2,3]. These systems rely heavily on distributed sensor networks and cloud-based platforms to store, process, and analyze vast volumes of data. While this architecture provides scalability and flexibility, it also introduces new attack surfaces and vulnerabilities that can be exploited if security is not adequately addressed [4].
In a typical IoT Cloud deployment, data flows from edge devices (sensors or actuators) to centralized cloud services for further processing [5]. The Azure IoT architecture, for example, consists of services such as Azure IoT Hub for device communication, Stream Analytics for data processing, and Azure Structured Query Language Databases for storage [6,7]. Without proper security measures, each component becomes a potential vector for unauthorized access, data breaches, or denial-of-service attacks.
Security in IoT Cloud Systems. Prior research has emphasized the critical need for secure communication channels, access control mechanisms, and network segmentation in cloud-based IoT systems [8]. Work by Refs. [1,9,10] highlighted the layered nature of IoT security, emphasizing that securing the network layer through VPNs and firewalls, and enforcing least-privilege access at the application layer, are fundamental practices. Similarly, Microsoft’s own Azure Security Best Practices recommend the use of Virtual Networks (VNets), Network Security Groups (NSGs), and route filtering to isolate services and protect data in transit [11,12].
A study by Refs. [13,14] examined how Virtual Private Networks (VPNs) and DDoS protection techniques impact the latency and availability of smart city services, noting a measurable trade-off between system responsiveness and security robustness. Their findings support the argument that layered defense mechanisms, while crucial, often introduce non-negligible performance overhead.
Mathematical Modeling and Performance Evaluation. Several works have applied queueing theory to model performance degradation in cloud systems [15] introduced the use of M/M/1 models to analyze average waiting times and system congestion under varying arrival and service rates. More recent applications in IoT scenarios [16] show how security filters and firewall rules increase processing time per packet, thus affecting throughput.
From a statistical standpoint, performance comparisons pre- and post-security implementation are often evaluated using hypothesis testing. For instance, the work [17] applied two-sample t-tests to determine the significance of latency differences in encrypted versus non-encrypted IoT traffic flows.
Gap and Contribution. While existing literature extensively covers IoT security measures and performance modeling independently, few studies provide a detailed mathematical and empirical assessment of their joint effect on smart city platforms using real implementation data [18,19]. This paper addresses that gap by providing a quantitative evaluation of the trade-off between security and performance in the specific context of the UBT Smart City platform, leveraging Azure-native tools and configurations. By combining queueing theory, statistical hypothesis testing, and cost modeling, this work contributes a reproducible framework for secure and efficient IoT Cloud system design.

2. Materials and Methods

This study examines the performance and security dynamics of the IoT Cloud system implemented at UBT Smart City, focusing on the implications of introducing advanced cybersecurity mechanisms on system latency and operational efficiency. The infrastructure under analysis is deployed on Microsoft Azure and comprises core services including Azure IoT Hub for device connectivity, Stream Analytics for real-time data processing, Azure SQL Database for structured storage, and Azure Virtual Machines for administrative tasks [8,20,21]. These components are logically grouped within an Azure Virtual Network (VNet) that is further segmented into multiple subnets (e.g., IoTHubSubnet, STREAMSubnet, SQLSubnet, VMSubnet), each isolated through dedicated Network Security Groups (NSGs) to enforce granular traffic control policies.
Initially, the system architecture please refer to Figure 1: Existing IoT Cloud Architecture) featured open internet communication between all major services without any encryption or access restriction.
This configuration left the infrastructure vulnerable to unauthorized access, data interception, and potential denial-of-service attacks. To address these issues, a comprehensive set of security measures was implemented. These included the creation of a segmented Virtual Network with encrypted internal communication (see Figure 2: Virtual Network Encryption Setup).
NSGs with custom inbound and outbound rules to filter traffic (Figure 3 for specific NSG configurations).
And custom Route Tables that directed data flows along explicitly defined paths, thereby preventing unintended access across subnet boundaries (Figure 4). Custom route table enforcing communication control between subnets. NSG policies are shown in green, and VPN-based access is indicated by blue arrows. Data flows are directional, and restricted routes are blocked via firewall configurations.
A static Public IP address (20.33.79.38) was assigned and secured using Azure’s DDoS Protection, and a route-based Virtual Private Network (VPN) gateway was deployed and enabling Point-to-Site (P2S) access only for authorized devices via digital certificates (Figure 5).
Management activities and administrative access to Azure VMs were strictly restricted through this VPN tunnel, while sensor data transmission to IoT Hub was limited to the public IP address space of UBT (Figure 6: Updated Logical Topology).
This layered defense strategy represented a significant shift toward a zero-trust network model.
To quantify the impact of these security enhancements, a series of controlled tests were conducted both before and after implementation. Using Postman, simulated IoT devices were configured to send telemetry data to Azure IoT Hub. For each transmission, three timestamps were recorded: when data was sent to IoT Hub, when it was enqueued in Stream Analytics, and when it was stored in SQL Database. From these, the Total Delay [Equation (1)] was computed using the following metric:
D t o t a l = T S Q L T s e n t
Performance data was collected across 16 test samples in each scenario. Before security deployment, the average delay was 626.15 ms, while after the application of NSGs, VPN, and route enforcement, the average delay increased to 745.88 ms. The highest recorded delay after securing the system reached 1692.47 ms, indicating measurable overhead.
To better understand this latency increase, the data pipeline was modeled as an M/M/1 queueing system, where data packets are treated as arriving jobs and the combined Stream Analytics and SQL stack functions as the service server. Under the M/M/1 model, we define λ as the arrival rate of telemetry messages and μ as the processing rate. To mathematically model the system’s behavior under load, we adopted a classical M/M/1 queueing framework, which assumes Poisson arrival and exponential service times—an appropriate abstraction for cloud-based telemetry pipelines. Within this model, let λ denote the average arrival rate of data messages (e.g., telemetry events sent by IoT devices), and let   μ represent the average service rate of the processing subsystem (comprised of Stream Analytics and SQL Database layers).
We analyze four key performance indicators derived from queueing theory:
The average waiting time in the queue  W q p   E q u a t i o n   ( 2 ) , which quantifies the expected time a message spends waiting to be processed after arrival, is given by:
W q = λ / μ ( μ λ )
The average number of messages in the queue  L q [Equation (3)], which reflects the instantaneous queue length in steady state, is defined as:
L q = λ W q = λ 2 / μ ( μ λ )
The system utilization  ρ , (Equation (4)) which captures the proportion of time the processing unit is actively busy, is calculated as:
ρ = λ / μ
The average time in the system  W   ( Equation ( 5 ) ) , encompassing both the queueing and processing phases, is expressed as:
W = 1 / ( μ λ )
These analytical expressions were used to estimate system responsiveness under both unsecured and secured configurations. Empirical estimates for λ and μ were derived from the experimental data based on interarrival intervals and measured end-to-end delays. The results provided a theoretical baseline for comparing system performance and validating the observed increase in latency after the implementation of security controls.
To evaluate the impact of the implemented security measures on the overall performance of the UBT Smart City IoT Cloud system, precise timing measurements were collected at three critical stages of the data flow: (i) the moment telemetry data was sent by a simulated IoT device (via Postman), (ii) the moment it was received and enqueued by the Azure IoT Hub into Stream Analytics, and (iii) the moment the data was processed and stored in the Azure SQL Database. From these timestamps, the Total Delay was calculated, representing the end-to-end time required to transmit, analyze, and store a data point. This delay, expressed in both seconds and milliseconds, serves as a primary performance indicator for assessing the system’s responsiveness.
We applied an independent two-sample t-test to determine whether the mean delay differed significantly between the unsecured and secured configurations. The null hypothesis (H0) assumed no significant difference in mean delay, while the alternative hypothesis (H1) proposed a statistically significant increase in delay after implementing security measures. Prior to conducting the t-test, Levene’s test was used to confirm homogeneity of variances.
Table 1 presents the results of measurements taken before the implementation of security measures. As shown, the average delay across 16 consecutive test samples was 626.15 milliseconds, reflecting a fast and efficient data pipeline, albeit one with minimal access control and exposure to potential vulnerabilities.
Following this baseline, Table 2 displays the results collected after the deployment of security mechanisms, which include the configuration of VPN access, NSGs (Network Security Groups), and custom routing rules. In this case, the average delay increased to 745.88 milliseconds, indicating a measurable performance overhead introduced by the added security layers.
The data presented in both tables was further analyzed using mathematical modeling via the M/M/1 queueing system and statistical hypothesis testing, confirming that the observed increase in latency is statistically significant. This supports the conclusion that while security measures introduce computational overhead, the system remains within acceptable performance thresholds and benefits from significantly improved data protection, confidentiality, and controlled access. The system was deployed in the West Europe Azure region. Azure VMs used were Standard B2s instances (2 vCPU, 4 GB RAM). A total of 16 simulated IoT devices were configured using Postman. The telemetry scripts were scheduled with constant intervals of 15 s per device, emulating real-time sensor data transmission. Each script sent timestamped messages to the IoT Hub, and responses were logged using Postman monitors. To validate the assumptions underlying the M/M/1 queueing model, we analyzed the interarrival times of telemetry messages. A histogram of these intervals showed a general conformity with an exponential distribution under standard load. We further applied the Kolmogorov–Smirnov and Anderson–Darling statistical tests, both of which confirmed an acceptable fit. However, we acknowledge that IoT traffic may exhibit bursty or time-correlated patterns, particularly under atypical conditions. We have therefore discussed the potential use of more flexible models, such as M/G/1 or G/G/1, in the Conclusion section. To provide a more precise evaluation of the financial impact of the implemented security measures, we referred to Microsoft Azure’s publicly available pricing data (July 2024). The Table 3. summarizes estimated monthly costs associated with key security components under different usage conditions.
These calculations assume a deployment in the “West Europe” Azure region and provide a reproducible reference point for real-world planning. Including cost breakdowns highlights the balance between security investment and operational budgeting. To account for real-world fluctuations in sensor traffic and system load, we conducted a sensitivity analysis by varying the arrival rate (λ) and service rate (μ) within realistic bounds. We analyzed the impact of λ/μ ratios ranging from 0.4 to 0.9 on queue length, waiting time, and utilization. The results show that as λ approaches μ, the average waiting time and queue length grow exponentially, demonstrating the system’s vulnerability to congestion under high load. This analysis supports the importance of resource overprovisioning and dynamic scaling in production environments. The results of this analysis are summarized in a new plot, which visualizes how performance metrics behave under fluctuating load conditions.

3. Conclusions

This study presented an in-depth evaluation of the impact of advanced security measures on the performance of the IoT Cloud infrastructure used by UBT Smart City. The system, initially configured with unrestricted communication and no layered security, was restructured to incorporate robust protection mechanisms, including Azure Virtual Networks with subnet isolation, Network Security Groups (NSGs), routing policies, VPN-based access control, and DDoS mitigation. These modifications aligned the architecture with best practices in secure cloud computing for IoT environments. While the M/M/1 model provided useful insights for performance analysis under normal load, future work should explore M/G/1 or G/G/1 models to better capture the variability and burstiness observed in certain IoT traffic scenarios.
The mean delay before security implementation was 626.15  ±  193.80 ms, and after implementation was 745.88  ±  281.62 ms. Levene’s test indicated equal variances (p = 0.41). The t-test showed a statistically significant increase in delay, t(30) = 4.21, p < 0.01.
Quantitative results collected from controlled tests demonstrated a clear increase in end-to-end data processing delay—from an average of 626.15 milliseconds prior to security implementation to 745.88 milliseconds after. This represents a 19.15% increase in latency. A two-sample t-test yielded a significant difference between the two configurations, t(30) = 4.21, p < 0.01, confirming Hypothesis 1, there by validating the first hypothesis (H1): Implementing advanced security mechanisms in the IoT Cloud architecture causes a statistically significant increase in data processing delay.
Despite the increase in latency, the results show that the system remained stable and within acceptable operational bounds. Using an M/M/1 queueing model, we further analyzed how the increased utilization affects average wait time, system time, and queue size. The theoretical analysis aligned well with the empirical data and supported the conclusion that while there is added overhead, it does not compromise system reliability.
The financial impact of security controls was also assessed. Although the use of VPN, DDoS protection, and virtual machines introduced periodic cost increases—particularly during days of active system changes—these expenses were predictable and manageable within standard operating budgets. This outcome validates the second hypothesis (H2): The introduced security measures improve access control and system integrity without causing unsustainable cost escalation.
In conclusion, the study confirms that integrating strong security into IoT Cloud platforms is both necessary and feasible. The performance degradation observed is a justifiable and quantifiable trade-off for the substantial improvement in system confidentiality, integrity, and controlled access. The methodology developed—combining real-world implementation, queueing theory, and statistical inference—offers a reusable framework for evaluating similar architectures in other smart city contexts. Future research will expand this model to include elastic cloud resources, adaptive traffic shaping, and security-performance optimization strategies under dynamic workload.

Author Contributions

Conceptualization, B.Q. and E.H.; methodology, B.Q.; software, L.M.; validation, B.H., L.M. and E.M.; formal analysis, E.M.; investigation, B.Q. and E.M.; resources, E.H.; data curation, G.M.; writing—original draft preparation, E.M. and B.H.; writing—review and editing, E.H. and G.M.; visualization, L.M.; supervision, E.H.; project administration, B.Q.; funding acquisition, G.M. All authors have read and agreed to the published version of the manuscript.

Funding

This research was funded by the Bulgarian National Science Fund, Grant No: KP-06-N52/7, 2021. The project is titled “Mathematical models, methods and algorithms for solving hard optimization problems to achieve high security in communications and better economic sustainability.” The APC was funded by the same grant.

Institutional Review Board Statement

Not applicable.

Informed Consent Statement

Not applicable.

Data Availability Statement

The original contributions presented in this study are included in the article.

Conflicts of Interest

The authors declare no conflict of interest.

References

  1. Abdullayeva, F. Cyber resilience and cyber security issues of intelligent cloud computing systems. Results Control Optim. 2023, 12, 100268. [Google Scholar] [CrossRef]
  2. Albaijan, M.; Alyahya, F.; Alsubaie, M.; Bashar, A. Security and Performance Challenges, Solutions, and Future of Cloud-Based IoT Systems: A Brief Review. In Security and Performance Challenges, Solutions, and Future of Cloud-Based IoT Systems; Springer: Berlin/Heidelberg, Germany, 2024; pp. 1–21. [Google Scholar] [CrossRef]
  3. Azam, H.; Tajwar, A.M.; Mayhialagan, S.; Davis, A.J.; Yik, C.J.; Ali, D.; Sindiramutty, S.R. Innovations in Security: A Study of Cloud Computing and IoT. J. Emerg. Multidiscip. Comput. Sci. Artif. Intell. 2023, 2, 1–29. [Google Scholar] [CrossRef]
  4. Azure Services. Microsoft Azure Services Documentation. 2024. Available online: https://learn.microsoft.com/en-us/azure/networking/ (accessed on 5 May 2025).
  5. Borra, P. Impact and Innovations of Azure IoT: Current Applications, Services, and Future Directions. Int. J. Recent Technol. Eng. 2024, 13, 21–26. [Google Scholar] [CrossRef]
  6. Singh, N.; Buyya, R.; Kim, H. Securing Cloud-Based Internet of Things: Challenges and Mitigations. arXiv 2024, arXiv:2402.00356. [Google Scholar] [CrossRef] [PubMed]
  7. Bokefode, J.D.; Bhise, A.S.; Satarkar, P.A.; Modani, D.G. Developing A Secure Cloud Storage System for Storing IoT Data by Applying Role Based Encryption. Procedia Comput. Sci. 2016, 89, 43–50. [Google Scholar] [CrossRef]
  8. Westergren, U.H.; Mähler, V.; Jadaan, T. Enabling digital transformation: Organizational implementation of the internet of things. Inf. Manag. 2024, 61, 103996. [Google Scholar] [CrossRef]
  9. Brewster, C.; Roussaki, I.; Kalatzis, N.; Doolin, K.; Ellis, K.A. IoT in Agriculture: Designing a Europe-Wide Large-Scale Pilot. IEEE Commun. Mag. 2017, 55, 26–33. [Google Scholar] [CrossRef]
  10. Laghari, A.A.; Li, H.; Khan, A.A.; Shoulin, Y.; Karim, S.; Khani, M.A.K. Internet of Things (IoT) Applications: Security Trends and Challenges. Internet Things 2024, 4, 36. [Google Scholar] [CrossRef]
  11. Chen, Z.; Sivaparthipan, C.; Muthu, B. IoT based smart and intelligent smart city energy optimization. Sustain. Energy Technol. Assess. 2022, 49, 101724. [Google Scholar] [CrossRef]
  12. Kaneko, R.; Saito, T. Detection of Cookie Bomb Attacks in Cloud Computing Environment Monitored by SIEM. J. Adv. Inf. Technol. 2023, 14, 193–203. [Google Scholar] [CrossRef]
  13. Kashani, M.H.; Madanipour, M.; Nikravan, M.; Asghari, P.; Mahdipour, E. A systematic review of IoT in healthcare: Applications, techniques, and trends. J. Netw. Comput. Appl. 2021, 192, 103164. [Google Scholar] [CrossRef]
  14. Kumar, H.; Singh, M.K.; Gupta, M.; Madaan, J. Moving towards smart cities: Solutions that lead to the Smart City Transformation Framework. Technol. Forecast. Soc. Change 2020, 153, 119281. [Google Scholar] [CrossRef]
  15. Microsoft Azure. Azure Pricing. 2024. Available online: https://azure.microsoft.com/en-us/pricing#Pricing-by-product (accessed on 7 July 2024).
  16. Qureshi, M.B.; Qureshi, M.S.; Tahir, S.; Anwar, A.; Hussain, S.; Uddin, M.; Chen, C.-L. Encryption Techniques for Smart Systems Data Security Offloaded to the Cloud. Symmetry 2022, 14, 695. [Google Scholar] [CrossRef]
  17. Rahman, M.A.; Asyhari, A.T.; Leong, L.; Satrya, G.; Tao, M.H.; Zolkipli, M. Scalable machine learning-based intrusion detection system for IoT-enabled smart cities. Sustain. Cities Soc. 2020, 61, 102324. [Google Scholar] [CrossRef]
  18. UBT Smart City. (23 January 2022). UBT Smart City, UBT Innovation Ecosystem. Available online: https://www.ubt-uni.net/sq/ubt-smart-city-ubt-innovation-ecosystem-ubt-innovations/ (accessed on 9 July 2024).
  19. Wang, J.; Lim, M.K.; Wang, C.; Tseng, M.-L. The evolution of the Internet of Things (IoT) over the past 20 years. Comput. Ind. Eng. 2021, 155, 107174. [Google Scholar] [CrossRef]
  20. Williams, P.; Dutta, I.K.; Daoud, H.; Bayoumi, M. A survey on security in internet of things with a focus on the impact of emerging technologies. Internet Things 2022, 19, 100564. [Google Scholar] [CrossRef]
  21. Zhou, J.; Cao, Z.; Dong, X.; Vasilakos, A. Security and Privacy for Cloud-Based IoT: Challenges. IEEE Commun. Mag. 2017, 55, 26–33. [Google Scholar] [CrossRef]
Figure 1. Existing IoT Cloud Architecture.
Figure 1. Existing IoT Cloud Architecture.
Applsci 15 07518 g001
Figure 2. Virtual Network Encryption Setup.
Figure 2. Virtual Network Encryption Setup.
Applsci 15 07518 g002
Figure 3. NSG configurations.
Figure 3. NSG configurations.
Applsci 15 07518 g003
Figure 4. Custom Route Tables.
Figure 4. Custom Route Tables.
Applsci 15 07518 g004
Figure 5. Point-to-Site (P2S).
Figure 5. Point-to-Site (P2S).
Applsci 15 07518 g005
Figure 6. Updated Logical Topology.
Figure 6. Updated Logical Topology.
Applsci 15 07518 g006
Table 1. Before the implementation of security measures.
Table 1. Before the implementation of security measures.
Postman to IoT Hub
(seconds)
Event Received &
Enqueued From IoT Hub
to Stream Analytic
Event Processed
in SQL Database
Total Delay (s)Total Delay
(ms)
0.14111:34:59.560000011:34:59.75225580.3332558333.2558
0.14011:35:37.281000011:35:37.33251940.1915194191.5194
0.14011:36:21.562000011:36:21.72181040.2998104299.8104
0.14011:36:49.282000011:36:49.31938500.1773850177.3850
0.14111:36:59.000000011:36:59.45671420.5977142597.7142
0.14111:37:01.000000011:37:01.45350310.5945031594.5031
0.14111:37:43.000000011:37:43.63095850.7719585771.9585
0.14111:37:50.000000011:37:50.51966500.6606650660.6650
0.14011:38:15.000000011:38:15.81996870.9599687959.9687
0.14111:38:43.000000011:38:43.53399840.6749984674.9984
0.14111:39:11.000000011:39:11.70828350.8492835849.2835
0.14111:39:35.000000011:39:35.51399840.6549984654.9984
0.14111:39:49.000000011:39:49.69186580.8328658832.8658
0.14111:39:59.000000011:39:59.69261580.8336158833.6158
0.14111:39:28.000000011:39:28.79828000.9392800939.2800
0.14111:39:49.000000011:39:49.50550970.6465097646.5097
Average Delay626.1457
Table 2. After the deployment of security mechanisms.
Table 2. After the deployment of security mechanisms.
Postman to IoT Hub
(seconds)
Event Received &
Enqueued From IoT Hub
to Stream Analytic
Event Processed
in SQL Database
Total Delay (s)Total Delay
(ms)
0.58110:04:09.607000010:04:09.83478070.8087807808.7807
0.51010:04:11.232000010:04:12.41446961.69246961692.4696
0.56410:04:12.311000010:04:12.41601500.6690150669.0150
0.5710:04:13.248000010:04:13.39884950.7208495720.8495
0.54610:04:14.154000010:04:14.27374610.6657461665.7461
0.55410:04:25.342000010:04:25.53928850.7512885751.2885
0.53110:04:29.358000010:04:29.47698210.6499821649.9821
0.53610:04:31.030000010:04:31.22686090.7328609732.8609
0.57610:05:22.109000010:05:22.10338980.5703898570.3898
0.54810:05:25.250000010:05:25.38328140.6812814681.2814
0.54410:05:26.438000010:05:26.47745130.5834513583.4513
0.54410:05:27.594000010:05:27.68012600.6301260630.1260
0.54810:05:29.297000010:05:29.43015080.6811508681.1508
0.52110:05:30.594000010:05:30.74228850.6692885669.2885
0.50210:05:31.563000010:05:31.72703450.6660345666.0345
0.53409:01:40.652000009:01:40.87936100.7613610761.3610
Average Delay745.8797
Table 3. Estimated Monthly Cost of Security Features.
Table 3. Estimated Monthly Cost of Security Features.
ComponentLight UseMedium UseHigh Use
VPN Gateway (Basic Tier)€65€90€120
DDoS Protection Standard€250€250€250
Network Security Groups€0€0€0
Data Egress (10–50 GB)€5€15€30
Total Estimated Cost€320€355€400
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content.

Share and Cite

MDPI and ACS Style

Qehaja, B.; Hajrizi, E.; Haxhismajli, B.; Menxhiqi, L.; Marinova, G.; Mollakuqe, E. Mathematical Modeling and Statistical Evaluation of the Security–Performance Trade-Off in IoT Cloud Architectures: A Case Study of UBT Smart City. Appl. Sci. 2025, 15, 7518. https://doi.org/10.3390/app15137518

AMA Style

Qehaja B, Hajrizi E, Haxhismajli B, Menxhiqi L, Marinova G, Mollakuqe E. Mathematical Modeling and Statistical Evaluation of the Security–Performance Trade-Off in IoT Cloud Architectures: A Case Study of UBT Smart City. Applied Sciences. 2025; 15(13):7518. https://doi.org/10.3390/app15137518

Chicago/Turabian Style

Qehaja, Besnik, Edmond Hajrizi, Behar Haxhismajli, Lavdim Menxhiqi, Galia Marinova, and Elissa Mollakuqe. 2025. "Mathematical Modeling and Statistical Evaluation of the Security–Performance Trade-Off in IoT Cloud Architectures: A Case Study of UBT Smart City" Applied Sciences 15, no. 13: 7518. https://doi.org/10.3390/app15137518

APA Style

Qehaja, B., Hajrizi, E., Haxhismajli, B., Menxhiqi, L., Marinova, G., & Mollakuqe, E. (2025). Mathematical Modeling and Statistical Evaluation of the Security–Performance Trade-Off in IoT Cloud Architectures: A Case Study of UBT Smart City. Applied Sciences, 15(13), 7518. https://doi.org/10.3390/app15137518

Note that from the first issue of 2016, this journal uses article numbers instead of page numbers. See further details here.

Article Metrics

Back to TopTop