An Overview and Evaluation of Web Services Security Performance Optimizations ============================================================================= <p align="right"><i>by Robert A. van Engelen and Wei Zhang, published in the proceedings of the IEEE International Conference on Web Services 2008</i></p> <p><a href="https://twitter.com/share" class="twitter-share-button" data-show-count="true">Tweet</a><script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script></p> WS-Security is an essential component of the Web services protocol stack. WS-Security provides end-to-end security properties (integrity, confidentiality, and authentication) through open XML standards. End-to-end message security assures the participation of non-secure transport intermediaries in message exchanges, which is a key advantage for Web-based systems and service-oriented architectures. However, point-to-point message security based on TLS (Transport Layer Security) is known to significantly outperform WS-Security. In this paper we analyze the overhead of the WS-Security protocol processing stages and evaluate existing and new techniques for WS-Security signature performance optimizations to speed up end-to-end message integrity assurance and authentication. ![Download](images/pdf.png) [Article](articles/icws2008sec.pdf) <p align="right"><i>Copyright (c) 2018, Robert van Engelen, Genivia Inc. All rights reserved.</i></p>