Building Secure High-Performance Web Services with OKWS

OKWS is a toolkit for building fast and secure Web services. It provides Web developers with a small set of tools that has proved powerful enough to build complex systems with limited effort. Despite its emphasis on security, OKWS shows performance improvements compared to popular systems: when servicing fully dynamic, non-disk-bound database workloads, OKWS's throughput and responsiveness exceed that of Apache 2 [3], Flash [23] and Haboob [44]. Experience with OKWS in a commercial deployment suggests it can reduce hardware and system management costs, while providing security guarantees absent in current systems.

[1]  Jerome H. Saltzer,et al.  The protection of information in computer systems , 1975, Proc. IEEE.

[2]  Sun Microsystems,et al.  RPC: Remote Procedure Call Protocol specification: Version 2 , 1988, RFC.

[3]  Roy T. Fielding,et al.  Hypertext Transfer Protocol - HTTP/1.1 , 1997, RFC.

[4]  Robert Grimm,et al.  Application performance and flexibility on exokernel systems , 1997, SOSP.

[5]  Willy Zwaenepoel,et al.  Flash: An efficient and portable Web server , 1999, USENIX Annual Technical Conference, General Track.

[6]  David Mazières,et al.  A Toolkit for User-Level File Systems , 2001, USENIX Annual Technical Conference, General Track.

[7]  David E. Culler,et al.  SEDA: an architecture for well-conditioned, scalable internet services , 2001, SOSP.

[8]  David E. Culler,et al.  Ninja: A Framework for Network Services , 2002, USENIX Annual Technical Conference, General Track.

[9]  Marvin Theimer,et al.  Cooperative Task Management Without Manual Stack Management , 2002, USENIX Annual Technical Conference, General Track.

[10]  Larry Peterson,et al.  Defensive programming: using an annotation toolkit to build DoS-resistant software , 2002, OSDI '02.

[11]  Marianne Shaw,et al.  Scale and performance in the Denali isolation kernel , 2002, OSDI '02.

[12]  John R. Douceur,et al.  Cooperative Task Management without Manual Stack Management or, Event-driven Programming is Not the Opposite of Threaded Programming , 2002 .

[13]  Samuel T. King,et al.  Backtracking intrusions , 2003, SOSP '03.

[14]  Benjamin A. Schmit,et al.  CSE - A C++ Servlet Environment for High-Performance Web Applications , 2003, USENIX Annual Technical Conference, FREENIX Track.

[15]  George C. Necula,et al.  Capriccio: scalable threads for internet services , 2003, SOSP '03.

[16]  Robert Tappan Morris,et al.  Multiprocessor Support for Event-Driven Programs , 2003, USENIX Annual Technical Conference, General Track.