Abstract
Nowadays the success of many e-commerce applications, such as on-line banking, depends on their reliability, robustness and security. Designing a web server architecture that keeps these properties under high loads is a challenging task because they are the opposite to performance. The industry standard way to provide security on web applications is the use the Secure Socket Layer (SSL) protocol to create a secure communication channel between the clients and the server. Traditionally, the use of data encryption has introduced a negative performance impact over web application servers because it is an extremely CPU consuming task, reducing the throughput achieved by the server as well as increasing its average response time. As far as the revenue obtained by a commercial web application is directly related to the amount of clients that complete business transactions, the performance of such secure applications becomes a mission critical objective for most companies. In this paper we evaluate a novel hybrid web server architecture (implemented over Tomcat 5.5) that combines the best aspects of the two most extended server architectures, the multithreaded and the event-driven, to provide an excellent trade-off between reliability, robustness, security and performance. The obtained results demonstrate the feasibility of the proposed hybrid architecture as well as the performance benefits that this model introduces for secure web applications, providing the same security level than the original Tomcat 5.5 and improved reliability, robustness and performance, according to both technical and business metrics.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Amza, C., Chanda, A., Cecchet, E., Cox, A., Elnikety, S., Gil, R., Marguerite, J., Rajamani, K., Zwaenepoel, W.: Specification and implementation of dynamic web site benchmarks (2002)
Beltran, V., Carrera, D., Torres, J., Ayguadé, E.: Evaluating the scalability of java event-driven web servers. In: 2004 International Conference on Parallel Processing (ICPP 2004), pp. 134–142 (2004)
Beltran, V., Carrera, D., Torres, J., Ayguadé, E.: A hybrid web server architecture for e-commerce applications. In: The 11th International Conference on Parallel and Distributed Systems (ICPADS 2005), Fukuoka, Japan, July 20 - 22 (2005)
Chen, H., Mohapatra, P.: Session-based overload control in qos-aware web servers. In: INFOCOM (2002)
Guitart, J., Beltran, V., Carrera, D., Torres, J., Ayguadé, E.: Characterizing secure dynamic web applications scalability. In: 19th International Parallel and Distributed Processing Symposium, Denver, Colorado (USA), April 4-8 (2005)
IBM Research. Autonomic computing. See, http://www.research.ibm.com/autonomic
Jakarta Project. Apache Software Foundation. Tomcat. See, http://jakarta.apache.org/tomcat
Mosberger, D., Jin, T.: httperf: A tool for measuring web server performance. In: First Workshop on Internet Server Performance, June 1998, pp. 59–67. ACM Press, New York (1998)
Pai, V.S., Druschel, P., Zwaenepoel, W.: Flash: An efficient and portable Web server. In: Proceedings of the USENIX 1999 Annual Technical Conference (1999)
Dierks, T., Allen, C.: The TLS Protocol, Version 1.0. RFC 2246 (January 1999)
The Apache Software Foundation. Apache HTTP Server Project. See, http://httpd.apache.org
Welsh, M., Culler, D.E., Brewer, E.A.: SEDA: An architecture for well-conditioned, scalable internet services. In: Symposium on Operating Systems Principles, pp. 230–243 (2001)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Beltran, V., Carrera, D., Guitart, J., Torres, J., Ayguadé, E. (2005). A Hybrid Web Server Architecture for Secure e-Business Web Applications. In: Yang, L.T., Rana, O.F., Di Martino, B., Dongarra, J. (eds) High Performance Computing and Communications. HPCC 2005. Lecture Notes in Computer Science, vol 3726. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11557654_45
Download citation
DOI: https://doi.org/10.1007/11557654_45
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-29031-5
Online ISBN: 978-3-540-32079-1
eBook Packages: Computer ScienceComputer Science (R0)