Security and Web Quality of Service

Tarek F. Abdelzhaer and Chengdu Huang, University of Virginia

Introduction to Security and Web QoS

Web QoS Architecture and Security Implications

The Challenge of QoS Guarantees

Current Web Architecture

HTTP

Caching and Content Distribution

Performance Guarantees and Denial-of-QoS in Web Servers

Performance Isolation

Service Differentiation

Challenges

QoS Adaptation

Performance and Security Considerations in Web Proxy Servers

Other Security Issues

Conclusions and Future Trends

Glossary

Cross References

References

INTRODUCTION TO SECURITY AND WEB QoS

The Web has become the preferred interface for a growing number of distributed applications with various demands for reliability, availability, security, privacy, timeliness, and network bandwidth, as shown in Figure 1. These properties are often called Web quality of service (Web QoS) dimensions. The new demands call for both network and end-system architectures for performance guarantees to satisfy quality of service. Deployment of QoS architectures has been much more successful at the application layer than at the network layer. The failure of network layer architectures such as int-serv, RSVP, and diff-serv is attributed in part to the lack of a good pricing model for network QoS, the lack of appropriate enforcement, and the lack of an end-to-end solution that spans multiple administrative domains and is upheld by all Internet service provides (ISPs) on the path of a client's packet. In the absence ...