Performance evaluation of web services with distributed objects

Published:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

Abstract

This paper evaluates the performance of web services and distributed objects. The security issues in Web Services and distribute are studied and an improvement for these are provided. Due to the security improvements in these, overhead factor arises is these two. In order to study the overhead due to the security mechanisms, their performance is also studied and compared. For the performance evaluation, the simulations are done on two different operating systems under two situations - single and networked computers.

I. Introduction

The earlier version of internet technology consisted of several clients which interacted with single server for data transfer. Later phase called network of systems where several clients communicate with several servers has been evolved. The communication in the later phase has become complex as it involved different distributed applications over a network. Hence, the middleware technology was developed for the interoperability of messages between distributed applications. Web services and distributed objects are the most widely used technology's categorized under middleware.

Web Services are widely evolved as a platform independent technology. It uses service oriented messages as the communication protocol which in turn increases the run time costs. The other alternative to the Web Services are the Distributed objects which uses object oriented messages. There are some issues to use which type of middleware technology for a platform and also regarding security. My contribution in this paper is to provide a brief on Web Services and distributed objects, and security mechanisms. Also, provide a performance comparison on Web Services and distributed objects and analyze their results.

The paper is organized as follows. Previous research in the field of Web Services and distributed object and my contribution is presented in the second section. In the third section, the web services and distributed objects are discussed briefly. The fourth section discusses about the security mechanisms in web services and distributed objects. The environment that has been used for the simulation is discussed in fifth section. Section sixth and seventh discusses about the results and analysis of the obtained results followed by conclusion.

II. EARLIER WORK AND NEED FOR RESEARCH

Performance comparison of web services and Java RMI has been done earlier. However, in terms of simulation environment and conditions considered, present work in this paper is different from the earlier work. Most of the papers did not consider the security constraints in Web Services and distributed objects. This paper provides security mechanisms in Web Services and distributed objects and then study the overhead factor due to these mechanisms compared to unsecured web services and distributed objects. Gray [1] performed the comparison between the middleware technologies on distributed applications. Juric, Rozman, Hericko, Welzer and Gyorkos [2] optimized the Java RMI and compared their overhead performance. Moralis, Pouli, Grammatikou, Papavassiliou and Maglaris [3] presented the security mechanisms in Web Services. Tang, Chen, Levy, Zic and Yan [4] provided an overview of overhead performance in web services security.

III. MIDDLEWARE TECHNOLOGIES

This section will briefly describe the features and architectures of the middleware technologies considered in this paper.

Fig. 1 below represents the organization of middleware technology. It acts as software which resides in between the Application layer and operating system of a machine, invisible to user interface. It provides standard interfaces for the developers to interoperate across different applications and operating systems, supports common services to facilitate collaboration between applications. Middleware usage has several benefits - provides language and platform independent services, better interoperability, reduces cost and time for developing applications. These are classified into the following categories, based on the different criteria -Distributed object Middleware, Component Middleware, World Wide Web Middleware and Grid Computing Middleware. In the following sections, World Wide Web and distributed object middleware are considered for the performance comparisons.

A. Web Services

Web Services are widely accepted as a platform-independent technology, classified as World Wide Web technology under middleware. According to World Wide Web Consortium [8], “A Web service is a software application identified by a Uniform Resource Identifier, whose interfaces and binding are capable of being defined, described and discovered by XML artifacts and supports direct interactions with other software applications using XML based messages via internet-based protocols.”

One of the primary feature of Web Service is that it is loosely coupled i.e., the only criterion for the client and server communication based on Web Service is they should agree on syntax and semantics of XML messages. Some of the other features of Web Services are:

  • Uses XML based messages
  • Language independent technology
  • Dynamically located and invoked
  • Interoperable over heterogeneously connected computers.

Fig. 2 represents the architecture of Web Services. Service requestor is an application which initiates a request for a service. It acts as a client in client-server pattern. Service Provider, which acts as server in client-server pattern is a platform where the access to the service is available. Discovery agency acts as a registry where service provider publishes its service descriptions.

For an application to take advantage of Web Services, 3 behaviors must take place:

  • Publish - in order to be accessible to service requestor, service provider should publish its service descriptions in discovery agencies,
  • Find - Service requestor finds the service description directly or sends requests to discover agencies,
  • Interact - using the details obtained from discovery agencies, Service requestor interacts with the service provider to locate and contact service.

Besides the advantage of platform independent, usage of XML based messages increases the run time cost and they are not secure. In order to improve security, Web Services Security is introduced which is discussed in later section.

B. Distributed objects

Distributed objects provide an alternative to Web Services technology. These are Object oriented technology and perform faster than Web Services. Distributed objects are classified into three types:

  • Common Object Request Broker Architecture - Commonly known as CORBA developed by Object Management Group. It allows objects to interoperate across network and is independent of platform
  • Java Remote Method Invocation - Commonly known as Java RMI, enables developers to create distributed java-to-java applications and supports sophisticated object Interactions. It is more flexible than CORBA due to the Java Virtual Machine Architecture
  • Distributed Component Object Model - Also known as DCOM is developed by Microsoft, is primarily implemented for Windows. It provides interoperability across Languages but not on operating systems

In this paper, Java RMI type of distributed object will be used for comparison with Web Services since it has the advantage of Java Virtual Machine Architecture.

1) 1) Java Remote Method Invocation (Java RMI)

The significance of Java with RMI is the need to provide security in communication. Java RMI is a language dependent technology which runs on Java framework, providing the same features as Java. It allows the remote method object on virtual machine to interact with the remote object method on other virtual machine. Because of the Java framework, Java RMI has several other features: Object oriented, safe and secure, automatic distributed garbage collection and portable on any Java virtual machine platform.

Fig. 3 represents the architecture of Java RMI which constitutes of three layers-

  • Stub/Skeleton Layer is an interface between application layer and rest of the RMI system. Stub layer is a client side proxy which forwards the requests from client to remote reference layer. Skeleton layer is the server side proxy which returns calls to the remote reference layer.
  • Remote Reference Layer is responsible for carrying invocations between client and server. It is also responsible in managing the liveliness of the communication.
  • Transport Layer is responsible for the setup and management of the connection and returning requests to the client.

Besides the Java mechanisms, Java RMI is still not very secure in transmission. Secure Socket Layer has been widely accepted to secure Java RMI

IV. SECURITY MECHANISMS

Web Services and Java RMI does not provide secure protocol for communication. In order to improve the security, an alternative to these are provided which are discussed below.

A. Web Services Security

Web Services does not provide secure transmission protocols for messages. Secure technologies Secure Socket Layer and HTTPS provide partial security to Web Services by encrypting the messages. Organization for the Advancement of Structured Information developed a standard specification to provide security between client and server communication, known as Web Services Security.

Web Services Security makes use of Simple Object Access Protocol (SOAP) architecture by embedding security related information in the header and encryption in the body. (SOAP is a protocol specified for the exchange of information between client and server, based on XML messages). Two security mechanisms are provided for Web Services Security [3]:

  1. Kerberos token profile attached to the header and body encrypted with AES128;
  2. X.509 certificate which uses mixed scheme - symmetric key encrypted with RSA15 and body encrypted with symmetric key via AES128.

Moralis, Pouli, Grammatikou, Papavassiliou and Maglaris [3] compared performance and showed that Kerberos token profile provided a throughput improvement of 28% than X.509 token profile. Though Web Services Security improves the security in Web Services, at the same times overheads may become a concern. Overheads arise from: (a) extra time CPU takes to process operations at both client and server (b) time delayed to transmit larger messages due to additional security content.

B. Java RMI-SSL

Though Java platforms provide security in transmission of messages, there is a necessity of security when transmitted across systems. Secure Socket Layer is most widely used protocol which provides authentication and encryption for Java RMI. The secured Java RMI is referred to as Java RMI-SSL. SSL supports several cipher schemes for authentication with RSA key exchange. The strongest cipher suites supported by SSL are -

  1. Triple DES with SHA1 authentication which supports 168-bit encryption
  2. RC4 with MD5 message authentication which supports 128-bit encryption

Of these RC4 with MD5 cipher suite performs faster. Overheads are a concern in Java RMI-SSL too.

V. SIMULATION ENVIRONMENT

This paper attempts to evaluate the performance of Web Services and Java RMI. Also, Web Services Security and Java RMI-SSL performance are evaluated in order to study their performance as well as the overhead caused due to security providers. For the performance measurement, the metrics to be measured are as follows:

a) Round Trip Method Invocation Time (RTT)

RTT is the time elapsed from the initiation of a method invoked from a client until the results are obtained. RTT helps us in understanding the influence of different data types. Therefore, we have measured the RTT for eight data types: integer, short, long, float, double, boolean, byte and string.

b) Instantiation Time

It is the time required by the client to establish a connection to the remote object/service instance. This does not include the search in registry.

For the performance measurement, an object oriented framework has been developed. To measure the round trip time, simulation has been done for 12 times and their average is calculated by excluding the maximum and minimum values obtained. The Environment required for the simulation are: client and server with similar configurations of Intel Pentium 4 processor with a clock rate of 2.4 GHz and a RAM of 512MB connected to a 100 Mbps switched network. The tools required are Apache Tomcat v5.0 web server, Java 2 Platform Standard Edition version 1.4.2_05 and Java Web Services Developer Pack version 1.4. In order to compare the performance on different distributed systems, the simulation is done on both Windows and Linux operating system. To ensure similar initial conditions, system should be restarted before running each test.

In order to study the overhead factor due to security measurements, first the performance is evaluated on single computer and then the same is repeated on a network of computers. This is because overhead is less on a single computer. As the load increases, the CPU takes more time to process the messages and hence an increase in overhead factor.

VI. SIMULATION RESULTS

A. Performance Analysis on Single Computer:

1) Windows

The simulation is first done on a single computer, where the client and server configurations are deployed on single machine to avoid the overhead. The round trip time for different data types is measured. It is observed that they do not differ much. Hence their average is considered and represented as simple type average.

The performance results are represented in Fig. 4. The results show that Java RMI performs much faster than other alternatives. It can be observed from the results that web services are ~11.9 times slower than Java RMI in simple average type, 10.97 times slower in string data type and interestingly web services performs 7% faster than Java RMI. It is also observed that the security and authentication mechanism in web services and Java RMI performs still slower. Java RMI-SSL is 38.7 % slower than compared to Java RMI. Similarly Web Services Security is ~ 107 times slower in simple average type, ~ 103 times slower in string data and is the same in instantiation when compared to Web Services. Comparing Java RMI-SSL to Web Services Security shows that Web Services Security performance is slower in simple type average and string data type, but it performs faster in instantiation. Results depict that Web Services Security perform much slower than compared to other alternatives and is limited to the use where security is the highest priority. Java RMI-SSL cannot be considered instead of Web Services Security since it cannot operate on computers which are connected on heterogeneous network.

2) Linux

In order to compare the performance on different distributed application, the simulations are repeated on Linux operating system. Same as above, the simulations are repeated on single computer and the overhead factor is avoided.

Fig. 5 shows the performance comparison results which depicts the same that Java RMI performs faster than other alternatives. Comparing Web Services with Java RMI, results show that Web services are ~11.7 times slower in simple type average, ~10.7 times slower in string data type and in instantiation they perform faster than Java RMI. Web Services Security are ~ 93 times slower in simple data type, ~89 times slower in string data type and has same instantiation time when compared to Web Services. Java RMI-SSL performs slower than Java RMI. They are slower by ~ 10.9 % using simple data types, 5% slower using string data type and 11% slower in instantiation. Web Services Security performs slower than Java RMI-SSL in simple data type by a factor of ~ 990 times, in string data type by a factor of ~923 times and performs 9.3% faster in instantiation.

B. Performance comparison on networked computers:

To study the overhead due to security mechanism in Web services and Java RMI, the simulation is run on two network-connected machines. In which the client configuration is deployed on one computer and server functionality on the other computer.

1) Windows

The Simulations are repeated on network-connected windows operating systems. The results are plotted as shown in Fig. 6. It can still be observed that RMI performs faster than the other alternatives. Comparing Web Services with Java RMI, results show that Web services are ~8.9 times slower in simple type average and string data type, and in instantiation they perform 12% faster than Java RMI. Web Services Security is ~ 114.8 times slower in simple data type, ~106.4 times slower in string data type and has same instantiation time when compared to Web Services. Java RMI-SSL performs slower than Java RMI. They are slower by 25% using simple data types, string data type and instantiation. Web Services Security performs slower than Java RMI-SSL in simple data type by a factor of ~ 821.6 times, in string data type by a factor of ~778.17 times and performs 20% faster in instantiation.

2) Linux

The simulations are again repeated on Linux operating system to compare the performance and overhead with the above results.

Fig. 7 represents the performance results. It is observed that RMI still performs faster than the other alternatives irrespective of the operating system and traffic. Comparing Web Services with Java RMI, results show that Web services are ~8.63 times slower in simple type average, ~6.85 times slower in string data type and in instantiation they perform faster than Java RMI. Web Services Security are ~ 88 times slower in simple data type, ~93 times slower in string data type and has same instantiation time when compared to Web Services. Java RMI-SSL performs slower than Java RMI. They are slower by ~ 5 % using simple data types, 6% slower using string data type and 7% slower in instantiation. Web Services Security performs slower than Java RMI-SSL in simple data type by a factor of ~ 990 times, in string data type by a factor of ~923 times and performs 9.3% faster in instantiation.

VII. ANALYSIS OF RESULTS

In this section, first the comparison between the performances on operating systems for the different situations used is done and later the effect of overhead is discussed. Overall, the performance comparison results show that Java RMI performs faster than other alternatives.

A. Comparison of single and networked computers results on Windows

It can be observed from Fig. 4 and Fig. 6 that performance on networked computer is better than the performance on single computers. However Java RMI degrades in performance for simply average type in networked computers. Web Services performance is identical in all the cases. Java RMI-SSL on an average performs faster. And the Web Services Security on an average performs slower in networked computers. This is because the increase in traffic in networked computers. The performance comparison is represented in Fig. 8.

B. Comparison of single and networked computers results on Linux

Comparison between Fig. 5 and Fig. 7 is shown in Fig. 9, in which it is observed that increase in traffic affects the performance. Web Services Security and Java RMI-SSL perform slower in networked computers because the load increases and CPU takes more time to process the requests. On an average Java RMI and Web Services performs faster in networked computer.

C. Analysis between Windows and Linux on single computer

Fig. 4 and Fig. 5 shows that the performance on Linux is better than in windows. On an average there is an improvement in instantiation, simple type average and string data types for all the four cases in Linux when compared to Windows. Hence it can be shown that Linux responds to the service/object requests from client better than the server. The results are represented in Fig. 10.

D. Analysis between Windows and Linux on networked computers

Comparison between Fig. 5 and Fig. 6 shows the same that performance on Linux is better than on Windows. However, there is performance degradation in simple average types and string data types for Java RMI and Web Services. These are due to the implementations of applications between the two operating systems. The results are shown in Fig. 11.

The major difference between the performance of Web Services and Java RMI is due to the transmission protocol used for communication. Web Services uses SOAP protocol embedded with XML based messages whereas Java RMI uses binary protocol with object serialization. Since Web Services uses XML based messages, the message size is more than compared to object oriented messages. This is because the use of attributes in XML makes it lengthier in size. Based on functionality there are several differences between Web Services and Java RMI. Web Services supports both synchronous and asynchronous operations which means a server can responds to the requests from the client with/without notice, Whereas Java RMI supports only synchronous operation that the server has to be notified by the client about the requests. Java RMI. Web Services supports both synchronous and asynchronous operations which means a server can responds to the requests from the client with/without notice, Whereas Java RMI supports only synchronous operation that the server has to be notified by the client about the requests. Java RMI has the additional feature of automatic garbage collection of the objects which are no longer used by the client. Web Services can interoperate across heterogeneous computers whereas Java RMI performance is poor.

There are several mechanisms available to secure Web Services and Java RMI. In this paper, for the simulation part of view digital certificates are used in Web Services Security whereas Java RMI used Cipher suites for the authentication. In addition to the use of system level authentication, encryption of messages should be provided for secure transmission. And also the messages have to be time-stamped each time. These encryption method and time-stamps for each message transmission increases the message size of the protocol which leads to overhead in Java RMI-SSL and Web Services Security. The Overhead is larger for Web Services Security than Java RMI-SSL due to additional message length. Hence, the performance comparison between secure and unsecured variants show that Web Services Security and Java RMI-SSL perform slower than Web Services and Java RMI as shown in Fig. 3,4,5 and 6.

Feature

Web Services

Java RMI

Synchronous operations

Yes

Yes

Asynchronous operations

Yes

No

Document oriented

Yes

No

One-way operations

Yes

No

Distributed garbage collection

No

Yes

Platform independent

Yes

No

Interoperable over heterogeneous platforms

Yes

Partial

Language independent object/service description

Yes

No

Location of objects/services

UDDI

Registry

Remote object/service activation

No

Yes

Security

Web Services-Security

SSL

Table 1: Comparison between the Web Services and Java RMI

VIII. CONCLUSION

In this paper, I have analyzed the performance of Web Services and Java RMI. In order to study the overhead, secured Web Services and Java RMI performance is also compared. Overall results indicate that performance of Java RMI is better than other alternatives. Java RMI becomes a good choice for the applications which require the features like synchronous operation; object oriented and distributed garbage collections. On the other hand Web Service is suitable for the environment which is platform independent, support both synchronous and asynchronous operations. Java RMI-SSL and Web Services Security can be used where the security is the highest priority than performance. However, Secure Remote Password Protocol is becoming more prominent in providing security in Java RMI than Secure Socket Layer. As the performance also matters apart from providing security, Java RMI - Secure Remote Password Protocol can be used as they perform faster. For the detail performance analysis of the Web Services and Java RMI, the simulation is done on Windows and Linux operating systems for two criteria - single and networked computers. It can be observed from the results that Java RMI performs faster in and Web Services Security performs slower. This difference in Web Services Security is due to the larger message size and the network traffic.

Writing Services

Essay Writing
Service

Find out how the very best essay writing service can help you accomplish more and achieve higher marks today.

Assignment Writing Service

From complicated assignments to tricky tasks, our experts can tackle virtually any question thrown at them.

Dissertation Writing Service

A dissertation (also known as a thesis or research project) is probably the most important piece of work for any student! From full dissertations to individual chapters, we’re on hand to support you.

Coursework Writing Service

Our expert qualified writers can help you get your coursework right first time, every time.

Dissertation Proposal Service

The first step to completing a dissertation is to create a proposal that talks about what you wish to do. Our experts can design suitable methodologies - perfect to help you get started with a dissertation.

Report Writing
Service

Reports for any audience. Perfectly structured, professionally written, and tailored to suit your exact requirements.

Essay Skeleton Answer Service

If you’re just looking for some help to get started on an essay, our outline service provides you with a perfect essay plan.

Marking & Proofreading Service

Not sure if your work is hitting the mark? Struggling to get feedback from your lecturer? Our premium marking service was created just for you - get the feedback you deserve now.

Exam Revision
Service

Exams can be one of the most stressful experiences you’ll ever have! Revision is key, and we’re here to help. With custom created revision notes and exam answers, you’ll never feel underprepared again.