Comparing Reliability Mechanisms for Secure Web Servers: Comparing Actors, Exceptions and Futures in Scala

Danail Penev, Phil Trinder

2020

Abstract

Modern web applications must be secure, and use authentication and authorisation for verifying the identity and the permissions of users. Programming language reliability mechanisms commonly implement web application security and include exceptions, actors and futures. This paper compares the performance and programmability of these three reliability mechanisms for secure web applications on the popular Scala/Akka platform. Key performance metrics are throughput and latency for workloads comprising successful, unsuccessful and mixed requests across increasing levels of concurrent connections. We find that all reliability mechanisms fail fast: unsuccessful requests have low mean latency (1-2 ms) but dramatically reduce throughput, by more than 100x. For realistic authentication workloads, exceptions have the highest throughput (187K req/s) and the lowest mean latency (around 5 ms), followed by futures. Our programmability study focuses on the available attack surface, measured as code blocks in the web application implementation. For authentication and authorisation, actors have the smallest number of code blocks for both our benchmark (3) and a sequence of n security checks (n + 1). Both futures and exceptions have 4 (2n) code blocks. We conclude that actors minimise programming complexity and hence attack surface.



Paper Citation


in Harvard Style

Penev D. and Trinder P. (2020). Comparing Reliability Mechanisms for Secure Web Servers: Comparing Actors, Exceptions and Futures in Scala. In Proceedings of the 16th International Conference on Web Information Systems and Technologies - Volume 1: WEBIST, ISBN 978-989-758-478-7, pages 51-58. DOI: 10.5220/0010017200510058


in Bibtex Style

@conference{webist20,
author={Danail Penev and Phil Trinder},
title={Comparing Reliability Mechanisms for Secure Web Servers: Comparing Actors, Exceptions and Futures in Scala},
booktitle={Proceedings of the 16th International Conference on Web Information Systems and Technologies - Volume 1: WEBIST},
year={2020},
pages={51-58},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0010017200510058},
isbn={978-989-758-478-7},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 16th International Conference on Web Information Systems and Technologies - Volume 1: WEBIST
TI - Comparing Reliability Mechanisms for Secure Web Servers: Comparing Actors, Exceptions and Futures in Scala
SN - 978-989-758-478-7
AU - Penev D.
AU - Trinder P.
PY - 2020
SP - 51
EP - 58
DO - 10.5220/0010017200510058