Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Conference contribution/Paper › peer-review
Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Conference contribution/Paper › peer-review
}
TY - GEN
T1 - A performance evaluation of security mechanisms for web services
AU - Alrouh, Bachar
AU - Ghinea, Gheorghita
PY - 2009
Y1 - 2009
N2 - Recently, web services security has shown a significant gesture as several specifications have been developed and implemented to meet the security challenges of web services. However, the performance of the security mechanisms is fraught with concerns due to additional security, contents in SOAP messages, the higher number of message exchanges to establish trust as well as extra CPU time to process these additions. In this paper, we consider and compare the performance of various security mechanisms applied on a simple web service tested with different initial message sizes. The test results show that transport layer security mechanisms are considerably faster than message level security mechanisms. Moreover, the effect of adding SAMIL-tokens is negligible and the performance of SAML-based web services depends mostly on the underlying security mechanisms. Finally, the performance penalty of applying STS security mechanisms is significantly high comparing to non-STS mechanisms.
AB - Recently, web services security has shown a significant gesture as several specifications have been developed and implemented to meet the security challenges of web services. However, the performance of the security mechanisms is fraught with concerns due to additional security, contents in SOAP messages, the higher number of message exchanges to establish trust as well as extra CPU time to process these additions. In this paper, we consider and compare the performance of various security mechanisms applied on a simple web service tested with different initial message sizes. The test results show that transport layer security mechanisms are considerably faster than message level security mechanisms. Moreover, the effect of adding SAMIL-tokens is negligible and the performance of SAML-based web services depends mostly on the underlying security mechanisms. Finally, the performance penalty of applying STS security mechanisms is significantly high comparing to non-STS mechanisms.
KW - Web Services
KW - Security
KW - Performance
KW - WSIT
U2 - 10.1109/IAS.2009.252
DO - 10.1109/IAS.2009.252
M3 - Conference contribution/Paper
SN - 9780769537443
SP - 715
EP - 718
BT - Fifth International Conference on Information Assurance and Security (IAS '09)
A2 - Pan, Jen-Shyang
A2 - Guo, Bao Long
A2 - Abraham, Ajith
PB - IEEE COMPUTER SOC
CY - Los Alamitos
T2 - 5th International Conference on Information Assurance and Security
Y2 - 18 August 2009 through 20 August 2009
ER -