Data-provisioning services can provide high value. Since data can be used and misused in unpredictable ways, organizations deal with the dilemma 'to expose or not to expose' their data through Web APIs and-depending on the nature of their business-ponder possible opportunities and pitfalls. Rate limiting strategies are widely employed to control access to data and to safeguard back-end computational resources. However, their effectiveness depends on a good choice of the maximum allowed rate at which information can be 'safely' released to users. A relevant scenario is represented by public administrations and private companies providing services whose quality is regulated by formal business agreements on the service levels. These organizations may need to choose a rate limit for their Web APIs that prevent unauthorized users to compute service levels with an high confidence while still allowing the creation of useful value-added services. In this paper, we propose a general statistical model for this problem and a technique, based on uniform sampling tools, to select an appropriate rate limit, and we demonstrate its validity through a case study involving a large bus company.
On computing throttling rate limits in web APIs through statistical inference / Firmani, Donatella; Leotta, Francesco; Mecella, Massimo. - (2019), pp. 418-425. (Intervento presentato al convegno 26th IEEE International Conference on Web Services, ICWS 2019 tenutosi a Milano; Italy) [10.1109/ICWS.2019.00075].
On computing throttling rate limits in web APIs through statistical inference
Firmani Donatella
;Leotta Francesco
;Mecella Massimo
2019
Abstract
Data-provisioning services can provide high value. Since data can be used and misused in unpredictable ways, organizations deal with the dilemma 'to expose or not to expose' their data through Web APIs and-depending on the nature of their business-ponder possible opportunities and pitfalls. Rate limiting strategies are widely employed to control access to data and to safeguard back-end computational resources. However, their effectiveness depends on a good choice of the maximum allowed rate at which information can be 'safely' released to users. A relevant scenario is represented by public administrations and private companies providing services whose quality is regulated by formal business agreements on the service levels. These organizations may need to choose a rate limit for their Web APIs that prevent unauthorized users to compute service levels with an high confidence while still allowing the creation of useful value-added services. In this paper, we propose a general statistical model for this problem and a technique, based on uniform sampling tools, to select an appropriate rate limit, and we demonstrate its validity through a case study involving a large bus company.| File | Dimensione | Formato | |
|---|---|---|---|
|
Firmani_On-Computing-Throttling _2019.pdf
solo gestori archivio
Tipologia:
Versione editoriale (versione pubblicata con il layout dell'editore)
Licenza:
Tutti i diritti riservati (All rights reserved)
Dimensione
432.59 kB
Formato
Adobe PDF
|
432.59 kB | Adobe PDF | Contatta l'autore |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
