Home > Research > Publications & Outputs > A performance evaluation of security mechanisms...
View graph of relations

A performance evaluation of security mechanisms for web services

Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSNConference contribution/Paperpeer-review

Published

Standard

A performance evaluation of security mechanisms for web services. / Alrouh, Bachar; Ghinea, Gheorghita.
Fifth International Conference on Information Assurance and Security (IAS '09). ed. / Jen-Shyang Pan; Bao Long Guo; Ajith Abraham. Los Alamitos: IEEE COMPUTER SOC, 2009. p. 715-718.

Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSNConference contribution/Paperpeer-review

Harvard

Alrouh, B & Ghinea, G 2009, A performance evaluation of security mechanisms for web services. in J-S Pan, BL Guo & A Abraham (eds), Fifth International Conference on Information Assurance and Security (IAS '09). IEEE COMPUTER SOC, Los Alamitos, pp. 715-718, 5th International Conference on Information Assurance and Security, United Kingdom, 18/08/09. https://doi.org/10.1109/IAS.2009.252

APA

Alrouh, B., & Ghinea, G. (2009). A performance evaluation of security mechanisms for web services. In J.-S. Pan, B. L. Guo, & A. Abraham (Eds.), Fifth International Conference on Information Assurance and Security (IAS '09) (pp. 715-718). IEEE COMPUTER SOC. https://doi.org/10.1109/IAS.2009.252

Vancouver

Alrouh B, Ghinea G. A performance evaluation of security mechanisms for web services. In Pan JS, Guo BL, Abraham A, editors, Fifth International Conference on Information Assurance and Security (IAS '09). Los Alamitos: IEEE COMPUTER SOC. 2009. p. 715-718 doi: 10.1109/IAS.2009.252

Author

Alrouh, Bachar ; Ghinea, Gheorghita. / A performance evaluation of security mechanisms for web services. Fifth International Conference on Information Assurance and Security (IAS '09). editor / Jen-Shyang Pan ; Bao Long Guo ; Ajith Abraham. Los Alamitos : IEEE COMPUTER SOC, 2009. pp. 715-718

Bibtex

@inproceedings{5f4cab32cd4149c3a85e7b47843094aa,
title = "A performance evaluation of security mechanisms for web services",
abstract = "Recently, web services security has shown a significant gesture as several specifications have been developed and implemented to meet the security challenges of web services. However, the performance of the security mechanisms is fraught with concerns due to additional security, contents in SOAP messages, the higher number of message exchanges to establish trust as well as extra CPU time to process these additions. In this paper, we consider and compare the performance of various security mechanisms applied on a simple web service tested with different initial message sizes. The test results show that transport layer security mechanisms are considerably faster than message level security mechanisms. Moreover, the effect of adding SAMIL-tokens is negligible and the performance of SAML-based web services depends mostly on the underlying security mechanisms. Finally, the performance penalty of applying STS security mechanisms is significantly high comparing to non-STS mechanisms.",
keywords = "Web Services, Security, Performance, WSIT",
author = "Bachar Alrouh and Gheorghita Ghinea",
year = "2009",
doi = "10.1109/IAS.2009.252",
language = "English",
isbn = "9780769537443",
pages = "715--718",
editor = "Jen-Shyang Pan and Guo, {Bao Long} and Ajith Abraham",
booktitle = "Fifth International Conference on Information Assurance and Security (IAS '09)",
publisher = "IEEE COMPUTER SOC",
note = "5th International Conference on Information Assurance and Security ; Conference date: 18-08-2009 Through 20-08-2009",

}

RIS

TY - GEN

T1 - A performance evaluation of security mechanisms for web services

AU - Alrouh, Bachar

AU - Ghinea, Gheorghita

PY - 2009

Y1 - 2009

N2 - Recently, web services security has shown a significant gesture as several specifications have been developed and implemented to meet the security challenges of web services. However, the performance of the security mechanisms is fraught with concerns due to additional security, contents in SOAP messages, the higher number of message exchanges to establish trust as well as extra CPU time to process these additions. In this paper, we consider and compare the performance of various security mechanisms applied on a simple web service tested with different initial message sizes. The test results show that transport layer security mechanisms are considerably faster than message level security mechanisms. Moreover, the effect of adding SAMIL-tokens is negligible and the performance of SAML-based web services depends mostly on the underlying security mechanisms. Finally, the performance penalty of applying STS security mechanisms is significantly high comparing to non-STS mechanisms.

AB - Recently, web services security has shown a significant gesture as several specifications have been developed and implemented to meet the security challenges of web services. However, the performance of the security mechanisms is fraught with concerns due to additional security, contents in SOAP messages, the higher number of message exchanges to establish trust as well as extra CPU time to process these additions. In this paper, we consider and compare the performance of various security mechanisms applied on a simple web service tested with different initial message sizes. The test results show that transport layer security mechanisms are considerably faster than message level security mechanisms. Moreover, the effect of adding SAMIL-tokens is negligible and the performance of SAML-based web services depends mostly on the underlying security mechanisms. Finally, the performance penalty of applying STS security mechanisms is significantly high comparing to non-STS mechanisms.

KW - Web Services

KW - Security

KW - Performance

KW - WSIT

U2 - 10.1109/IAS.2009.252

DO - 10.1109/IAS.2009.252

M3 - Conference contribution/Paper

SN - 9780769537443

SP - 715

EP - 718

BT - Fifth International Conference on Information Assurance and Security (IAS '09)

A2 - Pan, Jen-Shyang

A2 - Guo, Bao Long

A2 - Abraham, Ajith

PB - IEEE COMPUTER SOC

CY - Los Alamitos

T2 - 5th International Conference on Information Assurance and Security

Y2 - 18 August 2009 through 20 August 2009

ER -