Computing environments are capable of processing various workloads for one or more entities. By way of example, a workload may comprise transactions processed by various systems, such as the Customer Information Control System (CICS) and DataBase2 (DB2) system, offered by International Business Machines Corporation, Armonk, N.Y.
Within a computing environment, certain non-malicious activity can have a similar effect on the system as a denial of service attack. For example, authorized users/entities can employ automated data mining processes that could stress a computing environment's infrastructure, thus degrading performance of an entire website or application suite served by that system infrastructure.
To illustrate a real world example, within a CICS environment, authorized users commonly employ automated “scripts,” consisting of screen-scrapers and scripting languages. Each of these “automated” users can easily produce the same transaction load on a computer system resource as several hundred human users. If an interactive environment is sized, for example, to accommodate 5,000 current active human users, it can be seen that a small handful of automated users/scripts can significantly impact the environment's infrastructure.
Possible solutions to the problem could include adding capacity to address projected automated user loads, or simply suspending the offending user's access. The downside of adding capacity is that it is expensive, and difficult or impossible to predict what the automated user load might be for a given environment. The drawbacks of suspending a user's access are that it can cause annoyance to valid paying commercial customers, is difficult to administer, has administrative overhead (e.g., the suspended user can be expected to call the support center to negotiate a corrective action), and lacks timeliness, i.e., system degradation may already have occurred and is reactive rather than proactive.
Thus, a need exists in the art for an enhanced technique for controlling access to a computer system resource by valid entities, particularly in the case where the valid entity employs an automated script/process to, for example, perform data mining using the computer system resource.