A performance evaluation of security mechanisms for web services

Bachar Alrouh, Gheorghita Ghinea

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    Abstract

    Recently, web services security has shown a significant gesture as several specifications have been developed and implemented to meet the security challenges of web services. However, the performance of the security mechanisms is fraught with concerns due to additional security contents in SOAP messages, the higher number of message exchanges to establish trust as well as extra CPU time to process these additions. In this paper, we consider and compare the performance of various security mechanisms applied on a simple web service tested with different initial message sizes. The test results show that transport layer security mechanisms are considerably faster than message level security mechanisms. Moreover, the effect of adding SAML-tokens is negligible and the performance of SAML-based web services depends mostly on the underlying security mechanisms. Finally, the performance penalty of applying STS security mechanisms is significantly high comparing to non-STS mechanisms. © 2009 IEEE.
    Original languageEnglish
    Title of host publication5th International Conference on Information Assurance and Security, IAS 2009|Int. Conf. Inf. Assur. Secur., IAS
    Pages715-718
    Number of pages3
    Volume2
    DOIs
    Publication statusPublished - 2009
    Event5th International Conference on Information Assurance and Security, IAS 2009 - Xian
    Duration: 1 Jul 2009 → …

    Conference

    Conference5th International Conference on Information Assurance and Security, IAS 2009
    CityXian
    Period1/07/09 → …

    Keywords

    • Performance
    • Security
    • Web services
    • WSIT

    Fingerprint

    Dive into the research topics of 'A performance evaluation of security mechanisms for web services'. Together they form a unique fingerprint.

    Cite this