An Overview and Evaluation of Web Services Security Performance Optimizations
by Robert A. van Engelen and Wei Zhang, published in the proceedings of the IEEE International Conference on Web Services 2008
WS-Security is an essential component of the Web services protocol stack. WS-Security provides end-to-end security properties (integrity, confidentiality, and authentication) through open XML standards. End-to-end message security assures the participation of non-secure transport intermediaries in message exchanges, which is a key advantage for Web-based systems and service-oriented architectures. However, point-to-point message security based on TLS (Transport Layer Security) is known to significantly outperform WS-Security. In this paper we analyze the overhead of the WS-Security protocol processing stages and evaluate existing and new techniques for WS-Security signature performance optimizations to speed up end-to-end message integrity assurance and authentication.
Copyright (c) 2018, Robert van Engelen, Genivia Inc. All rights reserved.