Data-provisioning services can provide high value. Since data can be used and misused in unpredictable ways, organizations deal with the dilemma 'to expose or not to expose' their data through Web APIs and-depending on the nature of their business-ponder possible opportunities and pitfalls. Rate limiting strategies are widely employed to control access to data and to safeguard back-end computational resources. However, their effectiveness depends on a good choice of the maximum allowed rate at which information can be 'safely' released to users. A relevant scenario is represented by public administrations and private companies providing services whose quality is regulated by formal business agreements on the service levels. These organizations may need to choose a rate limit for their Web APIs that prevent unauthorized users to compute service levels with an high confidence while still allowing the creation of useful value-added services. In this paper, we propose a general statistical model for this problem and a technique, based on uniform sampling tools, to select an appropriate rate limit, and we demonstrate its validity through a case study involving a large bus company.

Firmani, D., Leotta, F., Mecella, M. (2019). On computing throttling rate limits in web APIs through statistical inference. In IEEE International Conference on Web Services (ICWS), Winner of the BEST PAPER AWARD, Class A (GII-GRIN rating) (pp.418-425). Institute of Electrical and Electronics Engineers Inc. [10.1109/ICWS.2019.00075].

On computing throttling rate limits in web APIs through statistical inference

Firmani Donatella;
2019-01-01

Abstract

Data-provisioning services can provide high value. Since data can be used and misused in unpredictable ways, organizations deal with the dilemma 'to expose or not to expose' their data through Web APIs and-depending on the nature of their business-ponder possible opportunities and pitfalls. Rate limiting strategies are widely employed to control access to data and to safeguard back-end computational resources. However, their effectiveness depends on a good choice of the maximum allowed rate at which information can be 'safely' released to users. A relevant scenario is represented by public administrations and private companies providing services whose quality is regulated by formal business agreements on the service levels. These organizations may need to choose a rate limit for their Web APIs that prevent unauthorized users to compute service levels with an high confidence while still allowing the creation of useful value-added services. In this paper, we propose a general statistical model for this problem and a technique, based on uniform sampling tools, to select an appropriate rate limit, and we demonstrate its validity through a case study involving a large bus company.
2019
978-1-7281-2717-0
Firmani, D., Leotta, F., Mecella, M. (2019). On computing throttling rate limits in web APIs through statistical inference. In IEEE International Conference on Web Services (ICWS), Winner of the BEST PAPER AWARD, Class A (GII-GRIN rating) (pp.418-425). Institute of Electrical and Electronics Engineers Inc. [10.1109/ICWS.2019.00075].
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11590/368211
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 2
  • ???jsp.display-item.citation.isi??? 0
social impact