(IJCNS) International Journal of Computer and Network Security, Vol. 2, No. 6, June 2010

Abstract: Today internet based e-commerce has become a trend and business necessity. Secure Socket Layer (SSL) is the world standard for cyber security. An SSL session contains temporally and logically related request sequences from the same client. In e-commerce, session integrity is a critical metric. Overload on the server can lead e-commerce applications to considerable revenue losses, response times may grow to unacceptable levels, and as a result the server may saturate or even crash. Session based admission control techniques are able to control the server load. The purpose of this paper is to review various session based admission control techniques to avoid server overload. Overload control is a critical goal so that a system can remain operational even when the incoming request rate is several times greater than the system capacity, and this admission control mechanism based on session will maximize the number of sessions completed successfully, allowing e-commerce sites to increase the number of transactions completed, generating higher benefits and optimizing performance.

Keywords: Admission control, Application servers, Overload control, Service differentiation

1. Introduction

E-Commerce is a growing phenomenon as consumers gain experience and comfort with shopping on the Internet. Most e-commerce web site applications are session-based. Access to a web service occurs in the form of a session consisting of a sequence of individual requests. Placing an order through the web site involves further requests relating to selecting a product, providing shipping information, arranging payment agreement and finally receiving a confirmation. So for a customer trying to place an order or a retailer trying to make a sale, the real measure of a web server performance is its ability to process the entire sequence of requests needed to complete a transaction. The higher the number of sessions completed, the higher the amount of revenue that is likely to be generated, as discussed in [3]. Sessions that are broken or delayed at some critical stages, like checkout and shipping, could mean loss of revenue to the web site. Security between network nodes over the Internet is traditionally provided using Secure Socket Layer (SSL). It is commonly used for secure http connections where credit card information is going to be sent along a network, and this gives e-commerce the confidence it needs to allow on-line banking and shopping. SSL provides an encrypted bi-directional data stream: data is encrypted at the sender's end and decrypted at the receiver's end. It can perform mutual authentication of both the sender and receiver of messages and ensure message confidentiality. This process involves certificates that are configured on both sides of the connection. Although providing these security capabilities does not introduce a new degree of complexity in web application structure, it increases remarkably the computation time needed to serve a connection, due to the use of cryptographic techniques, becoming a CPU intensive workload.

Two problems are typically encountered with deploying e-commerce Web sites, as presented in [1,2]. First is overload, where the volume of requests for content at a site temporarily exceeds the capacity for serving them and renders the site unusable. Second is responsiveness, where the lack of adequate response time leads to lowered usage of a site and subsequently, reduced revenues. During overload conditions, the service's response times may grow to unacceptable levels, and exhaustion of resources may cause the service to behave erratically or even crash, causing denial of service. For this reason, overload prevention in these applications is a critical issue. Several mechanisms have been proposed in [1,3,4] to deal with overload, such as admission control, request scheduling, service differentiation, and service degradation.

Request scheduling refers to the order in which concurrent requests should be served. A well known result from queuing theory is that shortest remaining processing time first (SRPT) scheduling minimizes queuing time. Better scheduling can always be complementary to any other mechanism. Service differentiation is based on differentiating classes of customers so that response times of preferred clients do not suffer in the presence of overload. Service degradation is based on avoiding refusing clients as a response to overload but reducing the service offered to clients, for example in the form of providing smaller content.

Admission control generally requires two components: knowing the load that a particular job will generate on a system, and knowing the capacity of that system. By keeping the maximum amount of load just below the system capacity, overload is prevented and peak throughput is achieved, as discussed in [1,2]. The goal of overload control is to prevent service performance from degrading in an uncontrolled fashion under heavy load; it is often desirable to shed load.

The rest of the paper is organized as follows: Section II gives an overview of session based admission control (SBAC) techniques. Section III presents SSL connection differentiation and admission control. Section IV covers the CPU utilization-based implementation of the SBAC mechanism. Section V covers the adaptive admission control technique. Section VI is a comparative study of SBAC techniques. Section VII is the conclusion.

control goodness discussed in [1,2]: First is the percentage of aborted requests, which the server can determine based on the client-side closed connections. Aborted requests indicate that the level of service is unsatisfactory. Typically, aborted requests lead to aborted sessions, and could serve as a good warning sign of degrading server performance; second is the percentage of connection refused messages sent by a server in the case of a full listen queue. Refused connections are a dangerous warning sign of an overloaded server and its inevitable poor session performance. If both of these values are zero, it reveals that an admission control mechanism uses an adequate admission control function to cope with the current workload and traffic rate. A good admission control strategy minimizes the percentage of aborted requests and refused connections (ideally to 0) and maximizes the achievable server throughput. In the following sections we discuss three techniques of session based admission control and their comparative study.
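The session-level argument above, as an added simulation that is not part of the original paper: with the same server capacity, it compares no admission control (excess requests are dropped and their sessions abort) against admitting a session only while every admitted session can still be served. Capacity, session length, arrival rate and the random-drop model are assumptions chosen for illustration.

```python
import random

CAPACITY = 20      # requests the server can process per tick (assumed)
SESSION_LEN = 5    # requests per session, one per tick (assumed)
ARRIVALS = 10      # new sessions arriving per tick (assumed)
TICKS = 50         # ticks during which new sessions keep arriving (assumed)


def simulate(session_based, seed=0):
    """Return counts of completed, aborted and rejected sessions."""
    rng = random.Random(seed)
    active = []  # remaining request count of each admitted session
    stats = {"completed": 0, "aborted": 0, "rejected": 0}
    for tick in range(TICKS + SESSION_LEN):
        arriving = ARRIVALS if tick < TICKS else 0
        if session_based:
            # Admit a session only while every admitted session can still be
            # served each tick; reject the rest before they consume any work.
            room = max(0, CAPACITY - len(active))
            admitted = min(arriving, room)
            stats["rejected"] += arriving - admitted
        else:
            admitted = arriving  # no admission control: every session gets in
        active += [SESSION_LEN] * admitted
        # Each active session issues one request this tick. The server can
        # process only CAPACITY of them; the excess is dropped at random and
        # the session that lost a request is aborted.
        rng.shuffle(active)
        served, dropped = active[:CAPACITY], active[CAPACITY:]
        stats["aborted"] += len(dropped)
        active = []
        for remaining in served:
            if remaining == 1:
                stats["completed"] += 1  # last request of the session served
            else:
                active.append(remaining - 1)
    return stats


def compare():
    """Run both policies on the same constructed workload."""
    return {"no_control": simulate(False), "session_based": simulate(True)}


if __name__ == "__main__":
    for name, stats in compare().items():
        print(name, stats)
```

Both runs spend the same capacity; the difference is that work done for a session that later aborts is wasted, which is why the session-based run completes more sessions.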
Hybrid admission control strategy tunes itself to be more responsive or more stable on the basis of observed quality of service. It successfully combines the most attractive features of both responsive and stable policies. It improves performance results for workloads with medium to long average session length.

6. Comparative study of SBAC Techniques

The CPU utilization based implementation presented in [1,2] is the simplest implementation of session based admission control, but it can break under certain rates and not work properly. The reason is that the decision whether to admit or reject new sessions is made at the boundaries of ac-intervals, and this decision cannot be changed until the next ac-interval. However, in the presence of a very high load, the number of accepted new sessions may be much greater than the server capacity, and it inevitably leads to aborted sessions and poor session completion characteristics.

The hybrid admission control strategy covered in [2] tunes itself to be more responsive or more stable on the basis of observed quality of service. It successfully combines the most attractive features of both ac-responsive and ac-stable policies. It improves performance results for workloads with medium to long average session length.

The predictive admission control strategy, also covered in [2], estimates the number of new sessions a server can accept and still guarantee processing of all the future session requests. This adaptive strategy evaluates the observed workload and makes its prediction for the load in the nearest future. It consistently shows the best performance results for different workloads and different traffic patterns. For workloads with short average session length, the predictive strategy is the only strategy which provides both the highest server throughput in completed sessions and no (or practically no) aborted sessions.

The session-based adaptive overload control mechanism based on SSL connection differentiation and admission control presented in [3,4] prioritizes resumed connections to maximize the number of sessions completed, and also dynamically limits the number of new SSL connections accepted depending on the available resources and the number of resumed SSL connections accepted, in order to avoid server overload.

7. Conclusion

SSL is commonly used for secure http connections where sensitive information is going to be sent along networks. SSL session integrity is a critical metric in e-commerce. Overload can lead e-commerce applications to considerable revenue losses or may cause response times to grow to unacceptable levels; hence overload control is a critical goal. To meet this goal, either apply a predictive or hybrid overload control strategy based on session length, which tunes itself to give better performance according to different workloads, or, as an alternative approach, apply the SSL connection differentiation and admission control technique, which prioritizes resumed SSL sessions over new sessions for overload control. These admission control mechanisms based on session will maximize the number of sessions completed successfully and allow e-commerce sites to increase the number of transactions completed, therefore helping to enhance security and performance.

References

[1] L. Cherkasova, P. Phaal, "Session Based Admission Control: a Mechanism for Improving the Performance of an Overloaded Web Server," HP Laboratories Report No. HPL-98-119, June 1998.
[2] L. Cherkasova, P. Phaal, "Session-based admission control: A mechanism for peak load management of commercial websites," IEEE Transactions on Computers, LI (6), pp. 669–685, 2002.
[3] Jordi Guitart, David Carrera, Vicenç Beltran, Jordi Torres and Eduard Ayguade, "Session-Based Adaptive Overload Control for Secure Dynamic Web Applications," in Proceedings of the International Conference on Parallel Processing (ICPP), pp. 341–349, 2005.
[4] Jordi Guitart, Vicenç Beltran, David Carrera, Jordi Torres, Eduard Ayguade, "Designing an overload control strategy for secure e-commerce applications," LI (XV), pp. 4492–4510, 2007.
[5] M. Harchol-Balter, B. Schroeder, N. Bansal, M. Agrawal, "Size-based scheduling to improve web performance," ACM Transactions on Computer Systems, XXI (II), pp. 207–233, 2003.
[6] D. Mosberger, T. Jin, "A tool for measuring web server performance," Workshop on Internet Server Performance (WISP'98) in conjunction with SIGMETRICS'98, Madison, Wisconsin, USA, pp. 59–67, 1998.
[7] S. Elnikety, E. Nahum, J. Tracey, W. Zwaenepoel, "A method for transparent admission control and request scheduling in e-commerce web sites," 13th International Conference on World Wide Web (WWW'04), New York, USA, pp. 276–286, 2004.
[8] B. Urgaonkar, P. Shenoy, "Cataclysm: Handling extreme overloads in internet services," Tech. Rep. TR03-40, Department of Computer Science, University of Massachusetts, USA, December 2003.
[9] H. Chen, P. Mohapatra, "Overload control in QoS-aware webservers," Elsevier journal Computer Networks, XLII (I), pp. 119–133, 2003.
[10] A.O. Freier, P. Karlton, C. Kocher, "The SSL Protocol. Version 3.0," November 1996. Available: http://wp.netscape.com/eng/ssl3/ssl-toc.htm

R K Pateriya: M.Tech & B.E. in Computer Science & Engg. and working as Associate Professor in the Information Technology Department of MANIT Bhopal. Total 17 years teaching experience (PG & UG).
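A sketch of the SSL connection differentiation policy summarized in Section 6, added here and not taken from [3,4] or from the paper itself: in each interval, resumed connections are accepted first and the cap on new connections is recomputed from the CPU time that is left. The per-connection CPU costs, the budget and the arrival lists are constructed values, and the arrival-order baseline is an assumption used only for comparison.

```python
COST_MS = {"resumed": 2, "new": 175}  # assumed CPU cost per connection kind
BUDGET_MS = 1000                       # assumed CPU time available per interval

# Constructed arrival order for three admission intervals.
INTERVALS = [
    ["new"] * 2 + ["resumed"] * 50,    # light load: everything fits
    ["new"] * 6 + ["resumed"] * 100,   # burst of new clients arrives first
    ["new"] * 3 + ["resumed"] * 600,   # resumed traffic alone exceeds budget
]


def admit_fifo(arrivals, budget=BUDGET_MS):
    """Undifferentiated baseline: serve in arrival order while CPU remains."""
    accepted = {"resumed": 0, "new": 0}
    for kind in arrivals:
        if COST_MS[kind] <= budget:
            budget -= COST_MS[kind]
            accepted[kind] += 1
    return accepted


def admit_differentiated(arrivals, budget=BUDGET_MS):
    """Accept resumed connections first, then cap new ones by what is left."""
    resumed = min(arrivals.count("resumed"), budget // COST_MS["resumed"])
    left = budget - resumed * COST_MS["resumed"]
    max_new = left // COST_MS["new"]  # limit recomputed for every interval
    return {"resumed": resumed, "new": min(arrivals.count("new"), max_new)}


def refused_resumed(policy, intervals=INTERVALS):
    """Resumed connections turned away, i.e. sessions cut off part-way."""
    return sum(a.count("resumed") - policy(a)["resumed"] for a in intervals)


if __name__ == "__main__":
    for arrivals in INTERVALS:
        print(admit_fifo(arrivals), admit_differentiated(arrivals))
    print("resumed refused:", refused_resumed(admit_fifo),
          refused_resumed(admit_differentiated))
```

In the second interval the baseline spends most of the budget on full handshakes and turns away clients that are already mid-session, while the differentiated policy gives up one new connection to keep all of them.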