2006/07/12 ICPADS Secure and High-performance Web Server System for Shared Hosting Service Daisuke Hara and Yasuichi Nakayama The University.


1 Secure and High-performance Web Server System for Shared Hosting Service
Daisuke Hara and Yasuichi Nakayama
The University of Electro-Communications, Tokyo, Japan
ICPADS 2006 @ Minneapolis, 2006/07/12

2 Outline
Introduction
Background
– Problems of large-scale hosting service and web server
Proposal - Hi-sap
– Design
– Implementation
Evaluation
Conclusions

3 Introduction
Problem of existing web servers
– Server embedded interpreters cannot be used safely in large-scale environments like a shared hosting service.
Proposal - Hi-sap
– Web objects that are stored in a server are divided into partitions*.
– Server processes run under the privilege of different users in every partition.
Achievement
– Hi-sap solves the problem.
– It achieves high performance & scalability.
(*) A "partition" is a unit of division of web objects (e.g. site, content, QUERY_STRING).

4 Background
More people are creating their own websites as the Internet grows in popularity.
– weblog, wiki, CMS
Shared hosting services are widely used.
– Many customers share a server.
   100s - 1000s sites/server
– low price & flexible
   custom CGI, etc.

5 Server embedded interpreters
e.g. PHP, mod_ruby, mod_perl
Because the language interpreter is embedded in the server processes, they can improve performance in processing dynamic content like weblogs and wikis.

6 Problem of existing web servers
Internal users can steal & delete authentication content without authentication (cp, rm commands or malicious CGI scripts).
Read permission must be granted to "other" (rw-r--r--).
[Figure labels: A's website, B's website, C's website, Server, browser, authentication, ID & Pass, auth content, steal & delete]

7 Problem of existing web servers (cont.)
Existing solution: POSIX ACL & suEXEC
– CGI scripts run under the privilege of the site owner by using suEXEC.
– Permissions on publicly served files are granted only to the dedicated user* by using POSIX ACL.
– Read permission for "other" is no longer required.
(*) The "dedicated user" is the user account that runs server processes, e.g. www, apache, www-data.

8 Problem of existing web servers (cont.)
Even if POSIX ACL & suEXEC are used, the problem occurs when server embedded interpreters are used.
– Dynamic content that uses server embedded interpreters (e.g. PHP, mod_ruby, mod_perl) also runs under the privilege of the dedicated user.
– Malicious PHP scripts can steal & delete authentication content.

9 Harache ([13][14])
Predecessor of Hi-sap
Server processes run under the privilege of the site owner.
① A browser sends a request to user A's website (GET /~userA/).
② The privilege of the server process is changed to user A.
③ The server process processes the request.
④ It returns a response to the browser.
[Figure labels: browser, Harache Server Process, root, userA]

10 Harache (cont.)
Server embedded interpreters can be used safely.
– File permissions for a dedicated user are not necessary.
– Permissions need to be granted only to the site owner.
But it cannot fully use the increased speed of server embedded interpreters.
– Server processes terminate after each session. (= CGI)
Hi-sap solves Harache's performance problem.
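The permission argument of slides 6 to 10, as an added example that is not from the presentation: a simplified model of the file read check (owner, POSIX ACL named-user entry, owning group, other; no ACL mask) applied to B's authentication content under three setups. The account names A, B and www, the mode 0o600 and the setup labels are assumptions for illustration.

```python
from dataclasses import dataclass, field

R = 4                # read bit
DEDICATED = "www"    # assumed name of the dedicated server account

@dataclass
class File:
    owner: str
    group: str
    mode: int                                       # e.g. 0o644 = rw-r--r--
    acl_users: dict = field(default_factory=dict)   # named-user ACL entries

def can_read(uid, groups, f):
    """Simplified POSIX check order: owner, named user, owning group, other."""
    if uid == f.owner:
        return bool((f.mode >> 6) & R)
    if uid in f.acl_users:
        return bool(f.acl_users[uid] & R)
    if f.group in groups:
        return bool((f.mode >> 3) & R)
    return bool(f.mode & R)

# B's authentication content, and the uid customer A's code runs as in each
# execution context, per setup (constructed for illustration).
SETUPS = {
    "plain": (File("B", "B", 0o644),
              {"shell": "A", "cgi": DEDICATED, "embedded": DEDICATED}),
    "acl+suexec": (File("B", "B", 0o600, {DEDICATED: R}),
                   {"shell": "A", "cgi": "A", "embedded": DEDICATED}),
    "per-owner": (File("B", "B", 0o600),
                  {"shell": "A", "cgi": "A", "embedded": "A"}),
}

def exposure(setup):
    """Contexts in which customer A's code can read B's auth content."""
    f, runs_as = SETUPS[setup]
    return sorted(c for c, uid in runs_as.items() if can_read(uid, {uid}, f))

def site_served(setup):
    """The process serving B's site must still be able to read B's file."""
    f, _ = SETUPS[setup]
    server_uid = "B" if setup == "per-owner" else DEDICATED
    return can_read(server_uid, {server_uid}, f)

if __name__ == "__main__":
    for name in SETUPS:
        print(name, exposure(name), site_served(name))
```

The "acl+suexec" row leaves only the embedded-interpreter context exposed, which is the gap slide 8 describes; running the server process as the site owner closes it while B's own site is still served.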

11 Goal
Realization of a secure, high-performance, and scalable web server system, Hi-sap
Secure: Scripts of a partition cannot access other partitions.
High performance: Dynamic content can be processed at high speed by fully using the increased speed of server embedded interpreters.
Scalable: A number of partitions can be housed in a server.

12 Design
Security
– Server processes run under the privilege of different users in every partition. (= Harache)
– The system brings access control into operation with a secure OS.
Performance
– The system pools server processes that run under the privilege of the different users. (!= Harache)
Scalability
– The system controls the creation and termination of server processes.
Content Access Scheduler

13 Content Access Scheduler
Web-server level scheduler
– [aim] It enhances the scalability of the number of partitions in a server.
– [method] It controls the creation and termination of server processes.
By using a scheduler suited to the purpose, it achieves high scalability.

14 Implementation
OS: Linux OS with SELinux
dispatcher
– reverse proxy server
– Apache 2.0.55 + mod_hisap
workers
– Each worker runs under the privilege of a different user and processes requests for a specific dedicated partition.
– Apache 2.0.55 x 1000
   Any web server software can be used.
hisapd
– Content Access Scheduler

15 Overview of request processing
[Figure labels: Browser; Server; dispatcher; reverse proxy; hisapd; workers A, B, C …; www; root; HTTP; UNIX Domain socket; "GET / HTTP/1.1 Host: www.C.net"; confirming if worker C is active; asking to activate worker C; activating worker C; OK; process the request; sending the response; heavy load; worker A has no requests; terminating worker A]

16 Scheduling algorithm
We developed Content Access Scheduler to avoid thrashing.
– Thrashing decreases the performance of web servers dramatically.
Algorithm of worker activation
– hisapd dynamically activates workers after requests from the dispatcher.
Algorithm of worker termination
– When thrashing seems to occur, hisapd terminates workers that have not been requested recently.

17 Scheduling algorithm (cont.)
Conditions under which hisapd judges that thrashing seems to occur
– A swap-in occurs.
– A swap-out occurs.
– Memory use is 99% or more.
Conditions under which hisapd chooses workers to terminate
– The worker is active.
– The worker is not recorded in the most recent 10,000 requests.
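The activation and termination rules of slides 16 and 17, as an added sketch that is not hisapd's code. Assumptions: any one of the three thrashing conditions is sufficient, swap activity is read as growth of the Linux /proc/vmstat counters pswpin and pswpout between two samples, the memory-use percentage is supplied by the caller, and all function and class names are hypothetical.

```python
from collections import deque

HISTORY = 10_000   # slide 17: "most recent 10,000 requests"
MEM_LIMIT = 99.0   # slide 17: "Memory use is 99% or more"

def parse_vmstat(text):
    """Parse /proc/vmstat style 'key value' lines into a dict of ints."""
    out = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 2 and parts[1].isdigit():
            out[parts[0]] = int(parts[1])
    return out

def thrashing(prev_vmstat, cur_vmstat, mem_used_pct):
    """Assumption: any one of the three listed conditions is sufficient."""
    prev, cur = parse_vmstat(prev_vmstat), parse_vmstat(cur_vmstat)
    swapped_in = cur["pswpin"] > prev["pswpin"]
    swapped_out = cur["pswpout"] > prev["pswpout"]
    return swapped_in or swapped_out or mem_used_pct >= MEM_LIMIT

class ContentAccessScheduler:
    def __init__(self, history=HISTORY):
        self.active = set()                   # partitions with a running worker
        self.recent = deque(maxlen=history)   # sliding window of requested partitions

    def on_request(self, partition):
        """Dispatcher request: activate on demand. True if a worker was started."""
        started = partition not in self.active
        self.active.add(partition)
        self.recent.append(partition)
        return started

    def reap(self, is_thrashing):
        """Workers to terminate: active and absent from the recent window."""
        if not is_thrashing:
            return []
        victims = sorted(self.active - set(self.recent))
        self.active.difference_update(victims)
        return victims

# Constructed sample counters (not measurements from the presentation)
VMSTAT_T0 = "pswpin 120\npswpout 300\n"
VMSTAT_T1 = "pswpin 120\npswpout 345\n"

if __name__ == "__main__":
    s = ContentAccessScheduler(history=3)
    for p in ["A", "B", "C", "C", "C"]:
        s.on_request(p)
    print(s.reap(thrashing(VMSTAT_T0, VMSTAT_T1, 50.0)))
```

With a window of three requests, workers A and B fall out of the history and are terminated once a swap-out is observed; without thrashing, idle workers stay pooled.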

18 Evaluation
Experimental environments
Network
– Gigabit Ethernet
– Switching Hub: DELL PowerConnect 2724, 1000 BASE-T x 24
Server
– CPU: AMD Opteron 240EE 1.4 GHz x 2
– Memory: 4 GB (swap 8 GB)
– OS: Fedora Core 4 (kernel 2.6.14)
– NIC: Broadcom BCM5704C 1 Gbps
Client
– CPU: Intel Pentium III Xeon 500 MHz x 4
– Memory: 256 MB (swap 512 MB)
– OS: Fedora Core 4 (kernel 2.6.14)
– NIC: Intel PRO/1000XT PWLA8490XT 1 Gbps

19 Evaluation (cont.)
Basic performance evaluation
– We evaluated the basic performance in processing dynamic content.
Scalability evaluation
– We evaluated the scalability of the number of partitions in a server in processing dynamic content.
☆ Target content
– We sent requests to a PHP script that calls phpinfo(). The script displays the system information of the PHP language processor. (40 KB per request)

20 Basic performance evaluation
Aim
– to determine the useful performance of our system
Systems for comparison
– Apache
– One-to-one
   It places a reverse proxy in front, with a dispatcher and many workers, each dedicated to processing requests for one partition. Although it is similar to our system, mod_hisap and hisapd are not installed.
– Apache with suEXEC
Benchmark
– httperf benchmark ver. 0.8

21 Basic performance evaluation (cont.)
The system loses an avg. of 28.0% of the throughput relative to Apache.
– The overhead of the system is due to the reverse proxy.
However, the system has high throughput relative to suEXEC.
The system loses an avg. of 1.0% of the throughput relative to One-to-one.
– The overhead of mod_hisap & hisapd is very low.

22 Scalability evaluation
Aim
– to determine the effectiveness of Content Access Scheduler
Comparison system
– One-to-one
   mod_hisap and hisapd (Content Access Scheduler) are not installed.
Benchmark
– Apache benchmark ver. 2.0.41-dev

23 Scalability evaluation (cont.)
Our system's scalability is high.
– The decrease in throughput as the number of partitions increased was low.
For One-to-one, the OS crashed due to a memory shortage when the number of partitions was 600.

24 Scalability evaluation (cont.)
The swap use of One-to-one increases dramatically as the number of partitions increases.
– This is the reason for the OS crash.
Our system does not use as much swap space because of Content Access Scheduler.

25 Comparison of approaches
Columns: Security in a Server, Basic Performance, Scalability, Generality
Apache: very poor, excellent, good
suEXEC & POSIX ACL: good, very poor, good
Sandbox / VM: excellent, poor / very poor, good
PHP safe mode: good, excellent, good, very poor
Apache perchild MPM: good - poor, good
One-to-one: good, poor, good
Harache: good, poor, good
Hi-sap: excellent, good

26 Conclusions
Proposal: Hi-sap
– Secure and high-performance web server system
Implementation:
– On a Linux OS with SELinux.
Achievement:
– High performance
– High scalability

27 Future Work
Creating various Content Access Schedulers
– for wiki
– for weblog
– for CMS, etc.
Evaluating these schedulers

28 Thank you.
Any questions/comments?

