Check out the new USENIX Web site.

USENIX, The Advanced Computing Systems Association

NSDI '06 — Abstract

Pp. 183–196 of the Proceedings

Connection Conditioning: Architecture-Independent Support for Simple, Robust Servers

KyoungSoo Park and Vivek S. Pai, Princeton University


For many network server applications, extracting the maximum performance or scalability from the hardware may no longer be much of a concern, given today's pricing - a $300 system can easily handle 100 Mbps of Web server traffic, which would cost nearly $30,000 per month in most areas. Freed from worrying about absolute performance, we re-examine the design space for simplicity and security, and show that a design approach inspired by Unix pipes, Connection Conditioning (CC), can provide architecture-neutral support for these goals.

By moving security and connection management into separate filters outside the server program, CC supports multi-process, multi-threaded, and event-driven servers, with no changes to programming style. Moreover, these filters are customizable and reusable, making it easy to add security to any Web-based service. We show that CC-enhanced servers can easily support a range of security policies, and that offloading connection management allows even simple servers to perform comparably to much more complicated systems.

  • View the full text of this paper in HTML and PDF. Listen to the presentation in MP3 format.
    Click here if you have forgotten your password Until May 2007, you will need your USENIX membership identification in order to access the full papers. The Proceedings are published as a collective work, © 2006 by the USENIX Association. All Rights Reserved. Rights to individual papers remain with the author or the author's employer. Permission is granted for the noncommercial reproduction of the complete work for educational or research purposes. USENIX acknowledges all trademarks within this paper.

  • If you need the latest Adobe Acrobat Reader, you can download it from Adobe's site.
To become a USENIX Member, please see our Membership Information.

Last changed: 1 June 2006 ch