Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Conference contribution/Paper › peer-review
Publication date | 2009 |
---|---|
Host publication | Fifth International Conference on Information Assurance and Security (IAS '09) |
Editors | Jen-Shyang Pan, Bao Long Guo, Ajith Abraham |
Place of Publication | Los Alamitos |
Publisher | IEEE COMPUTER SOC |
Pages | 715-718 |
Number of pages | 4 |
ISBN (print) | 9780769537443 |
<mark>Original language</mark> | English |
Event | 5th International Conference on Information Assurance and Security - Xian, United Kingdom Duration: 18/08/2009 → 20/08/2009 |
Conference | 5th International Conference on Information Assurance and Security |
---|---|
Country/Territory | United Kingdom |
Period | 18/08/09 → 20/08/09 |
Conference | 5th International Conference on Information Assurance and Security |
---|---|
Country/Territory | United Kingdom |
Period | 18/08/09 → 20/08/09 |
Recently, web services security has shown a significant gesture as several specifications have been developed and implemented to meet the security challenges of web services. However, the performance of the security mechanisms is fraught with concerns due to additional security, contents in SOAP messages, the higher number of message exchanges to establish trust as well as extra CPU time to process these additions. In this paper, we consider and compare the performance of various security mechanisms applied on a simple web service tested with different initial message sizes. The test results show that transport layer security mechanisms are considerably faster than message level security mechanisms. Moreover, the effect of adding SAMIL-tokens is negligible and the performance of SAML-based web services depends mostly on the underlying security mechanisms. Finally, the performance penalty of applying STS security mechanisms is significantly high comparing to non-STS mechanisms.