Abstract-Online auctions of governmental bonds and CO2 certificates are challenged by high availability requirements in face of high peak loads around the auction deadline. Traditionally, these requirements are addressed by cluster solutions. However, with strong requirements regarding hardware ownership and only a few auctions per owner per year hardware clusters are a rather ineffective solution.Consequently, we contribute with a solution that alleviates the dependability problems by shifting them into the security domain: Key idea is to provide a secure timestamp service that allows users to place bids locally until the deadline, independent of server availability. This allows to mitigate peak-loads and network or server outages as the transfer of bids to the server can be delayed until after a performance peak or the repair of a failed component.In this paper in particular, we contribute with a secure time synchronization and timestamping protocol tailored to online auctions where we apply secure timestamps on smart cards locally connected to the bidder's computer. Moreover, our timestamping protocol is robust with respect to man-inthe-middle delay attacks. Finally, we prove the feasibility of our approach based on a .NET smart card implementation and conclude with a discussion of current smart card limitations.
Today's Internet-scale computing systems often run at a low average load with only occasional peak performance demands. Consequently, computing resources are often overdimensioned, leading to high costs. While load control techniques between clients and servers can help to better utilize a given system, these techniques can place a significant communication and computation load on servers. To improve on these issues, we contribute with scalable techniques for client-request rate control, achieved through integration of (i) a scalable distributed feedback channel to transmit control information from the server to the clients with (ii) decoupling strategies that allow to constrain and filter client requests directly at the client, illustrated in the area of first-price sealed-bid online auctions, and (iii) a PID (Proportional-Integral-Derivative) controller that adaptively controls the input parameters of those decoupling strategies to facilitate an optimal server utilization. In contrast to related work, we can hence optimize server load directly at the source through rate control of the clients. Our evaluations show that this setup supports large sets of clients before the controller becomes unstable.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.