Title: Evaluation of Authentication and User Identication on Simultaneous Session Limitation Mechanism
Issue Number: | Vol. 9, No. 2 |
Year of Publication: | 2019 |
Page Numbers: | 113-123 |
Authors: | Ryo SHIBAHARA, Keizo SAISHO |
Journal Name: | International Journal of Digital Information and Wireless Communications (IJDIWC) - Hong Kong |
DOI: http://dx.doi.org/10.17781/P002613
Abstract:
Responsiveness of Web servers is lowered when they are overloaded caused by a lot of requests from clients. Moreover, Web servers are required to be not only available but also stable responsiveness especially for interactive Web applications. In this paper, a mechanism which limits the number of simultaneous sessions using rewall is proposed in order to provide stable Web services. The mechanism consists of authentication server, rewall and user identication server. Authentication server authenticates user and registers IP address of his ma- chine with rewall when the number of current simultaneous sessions is less than the specied number. After this, authenticated users can access Web server via rewall and user identication server. By using rewall, it is possible to not only limit the number of simultaneous sessions but also block malicious attacks such as DoS attack. Unauthenticated users, however, can access the Web server without authentication when they use same NAT environment or proxy server as authenticated users. User identication server detects access from unauthenticated users and blocks them. Moreover, it limits the number of accesses per unit time in order to prevent attacks from authenticated ma- licious users. This paper describes evaluation of user authentication server and user identication server. From results of evaluations, we conrm that user authentication server can authenticate and has enough capacity, and user identication server has tolerance of attack with unauthenticated users and can limit the number of accesses per unit time.