
A Hybrid Web Server Architecture for Secure e-Business Web Applications

  • Conference paper
High Performance Computing and Communications (HPCC 2005)

Part of the book series: Lecture Notes in Computer Science (LNCCN, volume 3726)

Abstract

Nowadays the success of many e-commerce applications, such as on-line banking, depends on their reliability, robustness and security. Designing a web server architecture that keeps these properties under high loads is a challenging task because they are at odds with performance. The industry-standard way to provide security for web applications is to use the Secure Socket Layer (SSL) protocol to create a secure communication channel between the clients and the server. Traditionally, data encryption has had a negative performance impact on web application servers because it is an extremely CPU-intensive task, reducing the throughput achieved by the server as well as increasing its average response time. Because the revenue obtained by a commercial web application is directly related to the number of clients that complete business transactions, the performance of such secure applications becomes a mission-critical objective for most companies. In this paper we evaluate a novel hybrid web server architecture (implemented over Tomcat 5.5) that combines the best aspects of the two most widespread server architectures, the multithreaded and the event-driven, to provide an excellent trade-off between reliability, robustness, security and performance. The results demonstrate the feasibility of the proposed hybrid architecture as well as the performance benefits that this model introduces for secure web applications, providing the same security level as the original Tomcat 5.5 and improved reliability, robustness and performance, according to both technical and business metrics.




Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Beltran, V., Carrera, D., Guitart, J., Torres, J., Ayguadé, E. (2005). A Hybrid Web Server Architecture for Secure e-Business Web Applications. In: Yang, L.T., Rana, O.F., Di Martino, B., Dongarra, J. (eds) High Performance Computing and Communications. HPCC 2005. Lecture Notes in Computer Science, vol 3726. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11557654_45


  • DOI: https://doi.org/10.1007/11557654_45

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-29031-5

  • Online ISBN: 978-3-540-32079-1

  • eBook Packages: Computer Science (R0)
