Performance of Web Services Security

نویسندگان

  • Hongbin Liu
  • Shrideep Pallickara
  • Geoffrey Fox
چکیده

Web services enable application integration and data sharing in a platform neutral, language independent environment for both business and science. This increases the degree of exposure of critical resources which poses new challenges to securing data and service. The existing technologies such as VPN, firewall, NAT and SSL are examples of either intra-corporate domain or point-to-point solution, whereas compositional services and complex service invocation chain very often stand across multiple trust domains. In order to cope with the challenges, WS-Security and associated emerging standards define SOAP-level mechanisms to move security related information along with the message content. Designed to achieve end-to-end security, the new standards have also been utilized by the NaradaBrokering [19] messaging infrastructure, a features rich and values added interoperable interface to Web services. These security centered standards, however, have brought about significant overheads to the use of service. Concerns about the operational performance of Web services security are legitimate because the new suite of XML specifications significantly enlarge SOAP size especially its header size. The lately added XML security elements not only make use of more network bandwidth as SOAP transports, they also demand additional CPU cycles at both the assembly-sender side and at the processing-receiver side. Their utilization into the messaging substrate is at debate. Therefore it's desirable to be able to examine the performance issue of Web services security, and it would be considered constructive to examine it based on the specific implementation, based on the actual data gathered from these implementations.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

QoS-Based web service composition based on genetic algorithm

Quality of service (QoS) is an important issue in the design and management of web service composition. QoS in web services consists of various non-functional factors, such as execution cost, execution time, availability, successful execution rate, and security. In recent years, the number of available web services has proliferated, and then offered the same services increasingly. The same web ...

متن کامل

Image flip CAPTCHA

The massive and automated access to Web resources through robots has made it essential for Web service providers to make some conclusion about whether the "user" is a human or a robot. A Human Interaction Proof (HIP) like Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) offers a way to make such a distinction. CAPTCHA is a reverse Turing test used by Web serv...

متن کامل

A model for specification, composition and verification of access control policies and its application to web services

Despite significant advances in the access control domain, requirements of new computational environments like web services still raise new challenges. Lack of appropriate method for specification of access control policies (ACPs), composition, verification and analysis of them have all made the access control in the composition of web services a complicated problem. In this paper, a new indepe...

متن کامل

A Comprehensive Model to Enhance Performance of WS-Security Processing

Service Oriented Architecture with Simple Object Access Protocol based Web Services enable flexible software system integration, especially in heterogeneous environments. These web services require proper security when they communicate critical information. These services are exposed to a variety of external threats and attacks. Therefore, security is an important issue for Web Services. Severa...

متن کامل

Security Aware Mobile Web Service Provisioning

Mobile data services in combination with profluent web services are seemingly the path breaking domain in current information research. Effectively, these mobile web services will pave the way for exciting performance and security challenges, the core needto-be-addressed issues. On security front, though a lot of standardized security specifications and implementations exist for web services in...

متن کامل

A Performance Evaluation of Mobile Web Services Security

It is now feasible to host basic web services on a smart phone due to the advances in wireless devices and mobile communication technologies. The market capture of mobile web services also has increased significantly, in the past years. While the applications are quite welcoming, the ability to provide secure and reliable communication in the vulnerable and volatile mobile ad-hoc topologies is ...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2004