Ž. In this paper, we review the basic mechanisms used in packet networks to support Quality-of-Service QoS guarantees. We outline the various approaches that have been proposed, and discuss some of the trade-offs they involve. Specifically, the paper starts by introducing the different scheduling and buffer management mechanisms that can be used to provide service differentiation in packet networks. The aim is not to provide an exhaustive review of existing mechanisms, but instead to give the reader a perspective on the range of options available and the associated trade-off between performance, functionality, and complexity. This is then followed by a discussion on the use of such mechanisms to provide specific end-to-end performance guarantees. The emphasis of this second part is on the need for adapting mechanisms to the different environments where they are to be deployed. In particular, fine grain buffer management and scheduling mechanisms may be neither necessary nor cost effective in high speed backbones, where ''aggregate'' solutions are more appropriate. The paper discusses issues and possible approaches to allow coexistence of different mechanisms in delivering end-to-end guarantees. q
Abstract-In this paper, we share our experience in designing and building a content based switch which we call L5. In addition to the layer 2-3-4 information available in the packet, a content based switch uses application level information to route traffic in the network. Making routing decisions based on information contained in the payload is not a new idea. In fact application level proxies which are functionally equivalent to a content-based switch, have been around for years.Our contribution is in combining the functionalities of an application level proxy with the data handling capabilities of a switch into a single system. In this paper, we describe the architecture of the L5 system along with the details of how application level information can be efficiently processed in switch hardware. We cover two specific application examples that we believe are ideal candidates for content-based switching: one is routing HTTP sessions based on Uniform Resource Locators (URL) and the other is session-aware dispatching of Secure Socket Layer (SSL) connections.
The last couple of years have seen a growing momentum toward using the Internet for conducting business. Web-based electronic commerce applications are one of the fastest growing segments of the Internet today. A key enabler for e-commerce applications is the ability to setup secure private channels over a public network. The Secure Sockets La er protocol provides this ca ability and is the most widely working principles behind SSL with an eye on performance. We benchmark two of the popular Web servers in wide use in a n u m b e r of large e-commerce sites. Our results show that the overheads due to SSL can make Web servers slower by a couple of orders of magnitude. W e investigate the reason for this deficiency by instrumenting the SSL protocol stack with a detailed profiling of the protocol processing components. In light of our observations, we outline architectural guidelines for large e-commerce sites.used security protocoYin the Internet. In this artic P e w e take a close look at the ccurity is important on the Internet. Whether sharing financial, business, or personal information. pcoplc want to know with whom they a r e communicating (authentication), to cnsure that what is sent is what is received (integrity), and to prevcnt others from eavesdropping on their communications (privacy). The Secure Sockets Layer (SSL) protocol [ 11 providcs one niciins of achieving these goals. It was designed and first iniplcmcnted by Netscape Corporation as a security enhanccmcnt for their Web servers and browsers. Since thcn, almost all vctidors and public domain software developers havc integratcd SSL in their security-sensitive client-server applications. At present, SSL is widely deployed in many intranets as well 21s over the public Internet in the form of SSL-capable sci-vers and clicnts. and has become the dc facto standard for transport layer security. Recently, the Internet Engineering Task Force ( I E T F ) started an effort to standardize SSL a s an IETF standard under the name Transport Layer Sccui-ity (TLS) protocol [2].One o f the treasons SSL has outgrown other transport and application laycr security protocols such 21s SSH [3], SET [4]. and S M l M E [j] i n terms of dcploymcnt is that it is application-protocol-indcpcndctit. Conceptually. any application that runs ovcr TCP can also run ovcr SSL. Thcre are many examples of applications such as TELNET and FTP running ti-ansparcntly ovcr SSL. However, SSL is most widely used a s the sccut-e transport laycr below Hypertext Transfcr Protocol (HTTP) [O]. A large number of e-commerce sites dealing with privatc and sensitive information use SSL as the securc transport layer. This nunibcr is expected to grow as more and more busincsscs and users embrace electronic commerce. As security bcconics an intcgral feature of Internet applications and the use of S S L rises, its impact on the performance of servers as well as clients is going to bc increasingly important. The objective o f this article is to take a close and critical look at the SSL protocol with an eye o...
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
customersupport@researchsolutions.com
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.