``Enforcing direct communications between clients and Web servers to 
improve proxy performance and security"

Songqing Chen and Xiaodong Zhang 

Software: Practice and Experience, Vol. 34, Issue 14, November 2004.
                                                                                
Abstract

The amount of dynamic Web contents and secured e-commerce transactions
has been dramatically increasing in Internet where proxy servers between
clients and Web servers are commonly used for the purpose of sharing
commonly accessed data and reducing Internet traffic.  A significant and
unnecessary Web access delay is caused by the overhead in proxy servers
to process two types of accesses, namely dynamic Web contents and
secured transactions, not only increasing response time, but also 
raising some security concerns. Conducting experiments on Squid proxy 
2.3STABLE4, we have quantified the unnecessary processing overhead to show 
their significant impact on increased client access response times. We have 
also analyzed the technical difficulties in eliminating or reducing the 
processing technical difficulties in eliminating or reducing the processing
overhead and the security loopholes based on the existing proxy
structure.  In order to address these performance and security concerns,
we propose a simple but effective technique from the client side that
adds a detector interfacing with a browser. With this detector, a
standard browser, such as the Netscape/Mozilla, will have simple
detective and scheduling functions, called a detective browser.
Upon an Internet request from a user, the detective browser can
immediately determine whether the requested content is dynamic or
secured.  If so, the browser will bypass the proxy and forward the
request directly to the Web server; otherwise, the request will be
processed through the proxy.  We implemented a detective browser
prototype in Mozilla version 0.9.7, and tested its functionality and 
effectiveness.

Back to the HPCS Main Page at the Ohio State University.