WEKO3
アイテム
Large-scale Certificate Management on Multi-tenant Web Servers
https://ipsj.ixsq.nii.ac.jp/records/199588
https://ipsj.ixsq.nii.ac.jp/records/199588936bf5ae-d428-40dc-8e22-ce7b1eea96ff
| 名前 / ファイル | ライセンス | アクション |
|---|---|---|
IPSJ-JNL6009029.pdf (1.9 MB)
|
Copyright (c) 2019 by the Information Processing Society of Japan
|
|
| オープンアクセス | ||
| Item type | Journal(1) | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 公開日 | 2019-09-15 | |||||||||||
| タイトル | ||||||||||||
| タイトル | Large-scale Certificate Management on Multi-tenant Web Servers | |||||||||||
| タイトル | ||||||||||||
| 言語 | en | |||||||||||
| タイトル | Large-scale Certificate Management on Multi-tenant Web Servers | |||||||||||
| 言語 | ||||||||||||
| 言語 | eng | |||||||||||
| キーワード | ||||||||||||
| 主題Scheme | Other | |||||||||||
| 主題 | [特集:“Applications and the Internet” in Conjunction with Main Topics of COMPSAC2018] web Server, TLS, operation technology, multi-tenant, large-scale, nginx, mruby | |||||||||||
| 資源タイプ | ||||||||||||
| 資源タイプ識別子 | http://purl.org/coar/resource_type/c_6501 | |||||||||||
| 資源タイプ | journal article | |||||||||||
| 著者所属 | ||||||||||||
| SAKURA Research Center, SAKURA Internet Inc. | ||||||||||||
| 著者所属 | ||||||||||||
| Pepabo Research and Development Institute, GMO Pepabo, Inc./Kenji Rikitake Professional Engineer's Office | ||||||||||||
| 著者所属 | ||||||||||||
| Pepabo Research and Development Institute, GMO Pepabo, Inc. | ||||||||||||
| 著者所属(英) | ||||||||||||
| en | ||||||||||||
| SAKURA Research Center, SAKURA Internet Inc. | ||||||||||||
| 著者所属(英) | ||||||||||||
| en | ||||||||||||
| Pepabo Research and Development Institute, GMO Pepabo, Inc. / Kenji Rikitake Professional Engineer's Office | ||||||||||||
| 著者所属(英) | ||||||||||||
| en | ||||||||||||
| Pepabo Research and Development Institute, GMO Pepabo, Inc. | ||||||||||||
| 著者名 |
Ryosuke, Matsumoto
× Ryosuke, Matsumoto
× Kenji, Rikitake
× Kentaro, Kuribayashi
|
|||||||||||
| 著者名(英) |
Ryosuke, Matsumoto
× Ryosuke, Matsumoto
× Kenji, Rikitake
× Kentaro, Kuribayashi
|
|||||||||||
| 論文抄録 | ||||||||||||
| 内容記述タイプ | Other | |||||||||||
| 内容記述 | For large-scale certificate management of multi-tenant web servers, preloading numerous certificates for managing numerous hosts under the single server process results in increasing the required memory usage because of the respective page table entry manipulation, which might be a poor resource efficiency and a reduced capacity. To resolve this issue, we propose a method for dynamic loading of certificates bound to the hostnames found during the SSL/TLS handshake sequences without preloading, provided that the Server Name Indication (SNI) extension is available. We implemented the function of choosing the respective certificates with the ngx_mruby module, which extends web server functions using mruby with a small memory footprint while maintaining the execution speed. The proposed method was evaluated by a web hosting service employing the authors. ------------------------------ This is a preprint of an article intended for publication Journal of Information Processing(JIP). This preprint should not be cited. This article should be cited as: Journal of Information Processing Vol.27(2019) (online) DOI http://dx.doi.org/10.2197/ipsjjip.27.650 ------------------------------ |
|||||||||||
| 論文抄録(英) | ||||||||||||
| 内容記述タイプ | Other | |||||||||||
| 内容記述 | For large-scale certificate management of multi-tenant web servers, preloading numerous certificates for managing numerous hosts under the single server process results in increasing the required memory usage because of the respective page table entry manipulation, which might be a poor resource efficiency and a reduced capacity. To resolve this issue, we propose a method for dynamic loading of certificates bound to the hostnames found during the SSL/TLS handshake sequences without preloading, provided that the Server Name Indication (SNI) extension is available. We implemented the function of choosing the respective certificates with the ngx_mruby module, which extends web server functions using mruby with a small memory footprint while maintaining the execution speed. The proposed method was evaluated by a web hosting service employing the authors. ------------------------------ This is a preprint of an article intended for publication Journal of Information Processing(JIP). This preprint should not be cited. This article should be cited as: Journal of Information Processing Vol.27(2019) (online) DOI http://dx.doi.org/10.2197/ipsjjip.27.650 ------------------------------ |
|||||||||||
| 書誌レコードID | ||||||||||||
| 収録物識別子タイプ | NCID | |||||||||||
| 収録物識別子 | AN00116647 | |||||||||||
| 書誌情報 |
情報処理学会論文誌 巻 60, 号 9, 発行日 2019-09-15 |
|||||||||||
| ISSN | ||||||||||||
| 収録物識別子タイプ | ISSN | |||||||||||
| 収録物識別子 | 1882-7764 | |||||||||||
