The proxy keeps track of an applet's resource consumption in the following five aspects:
The storage size, disk bandwidth and network bandwidth consumptions are kept track of by the ActiveProxy class methods, since they must be called in order for the applet to gain access to those resources. The process running the applet also sets a one-second alarm and record the CPU time and virtual memory sizes in the alarm handler. Limiting the CPU and virtual memory sizes is implemented by the setrlimit system call before branching to the applet's execution.
To prevent denial of service attacks, the proxy imposes upper-limits on all five resources. By default, the upper limit for CPU time is proportional to the latency of sending the request to the server and receiving the response. The virtual memory size is proportional to the length of the response to the client request. The storage size and disk bandwidth limit are also proportional to the response size. Finally, the network bandwidth consumption cannot exceed the response size. The limits are designed with the assumption that the goal of caching the documents is to reduce network traffic. If the goal of caching is for reliability or other reasons, the limits can be raised by the proxy. In our initial prototype, we simply use fixed constants for these limits for ease of implementation.