Title: Evaluation of Authentication and User Identi cation on Simultaneous Session Limitation Mechanism

Issue Number: Vol. 9, No. 2
Year of Publication: 2019
Page Numbers: 113-123
Authors: Ryo SHIBAHARA, Keizo SAISHO
Journal Name: International Journal of Digital Information and Wireless Communications (IJDIWC)
- Hong Kong
DOI:  http://dx.doi.org/10.17781/P002613


Responsiveness of Web servers is lowered when they are overloaded caused by a lot of requests from clients. Moreover, Web servers are required to be not only available but also stable responsiveness especially for interactive Web applications. In this paper, a mechanism which limits the number of simultaneous sessions using rewall is proposed in order to provide stable Web services. The mechanism consists of authentication server, rewall and user identi cation server. Authentication server authenticates user and registers IP address of his ma- chine with rewall when the number of current simultaneous sessions is less than the speci ed number. After this, authenticated users can access Web server via rewall and user identi cation server. By using rewall, it is possible to not only limit the number of simultaneous sessions but also block malicious attacks such as DoS attack. Unauthenticated users, however, can access the Web server without authentication when they use same NAT environment or proxy server as authenticated users. User identi cation server detects access from unauthenticated users and blocks them. Moreover, it limits the number of accesses per unit time in order to prevent attacks from authenticated ma- licious users. This paper describes evaluation of user authentication server and user identi cation server. From results of evaluations, we con rm that user authentication server can authenticate and has enough capacity, and user identi cation server has tolerance of attack with unauthenticated users and can limit the number of accesses per unit time.