A PERFORMANCE MODELLING OF WEB SERVICES SECURITY

Kezhe Tang, David Levy, Shiping Chen, John Zic, Bo Yan

2007

Abstract

While Web Services Security (WSS) enhances the security of web services, it may also introduce additional performance overheads to standard web services due to additional CPU processing and larger message sizes. In this paper, we present a simple performance model for WSS. Based on the observations of WSS performance in our previous work, we extend a web service performance model by modelling WSS extra security operations and increased messages sizes into the existing model. As fitting the parameters on one testing environment, we validate our performance model on another different environment with different messages sizes and WSS security policies. Our testing results show that our performance model is valid and can be used to predicate the performance of web services with a variety of WSS configurations.

References

  1. Booth, D., Haas, H., McCabe, F. and etc., 11 February 2004. Web Services Architecture, W3C Working Group Note. http://www.w3.org/TR/ws-arch/
  2. Chen, S., Yan, B., Zic, J., Liu, R., Ng, A., 2006. Evaluation and Modeling of Web Services Performance, In Proceedings in the IEEE International Conference on Web Services (ICWS'06).
  3. Liu, H., Pallickara, S., Fox, G., February 2005. Performance of Web Services Security. In Proceedings of the 13th Annual 13th Mardi Gras Conference, Baton Rouge, Louisiana, USA
  4. Microsoft Web Services Enhancements (WSE) 2.0 and 3.0 for .NET. Retrieved March 9, 2006, from http://msdn.microsoft.com/webservices/webservices/b uilding/wse/default.aspx
  5. Tang, K., Chen, S., Levy, D., Zic, J., Yan, B., 2006. A Performance Evaluation of Web Services Security, edoc, pp. 67-74, 10th IEEE International Enterprise Distributed Object Computing Conference (EDOC'06).
  6. Web Services Security: SOAP Message Security 1.0(WSSecurity 2004), OASIS Standard 200401, March 2004. Retrieved March 9, 2006, from http://docs.oasisopen.org/wss/2004/01/oasis-200401-wss-soapmessage-security-1.0.pdf
  7. Web Services Security: Username Token Profile 1.0, OASIS Standard 200401, March 2004. Retrieved March 9, 2006, from http://docs.oasisopen.org/wss/2004/01/oasis-200401-wss-usernametoken-profile-1.0.pdf
  8. Web Services Security: X.509 Certificate Token Profile, OASIS Standard 200401, March 2004. Retrieved March 9, 2006, from http://docs.oasisopen.org/wss/2004/01/oasis-200401-wss-x509-tokenprofile-1.0.pdf
  9. XML and Web Services Security, Retrieved March 9, 2006, from http://java.sun.com/webservices/xwss/index.jsp
  10. XML Encryption Syntax and Processing. Retrieved March 9, 2006, from http://www.w3.org/TR/xmlenc-core/
  11. XML-Signature Syntax and Processing. Retrieved March 9, 2006, from http://www.w3.org/TR/xmldsig-core/
Download


Paper Citation


in Harvard Style

Tang K., Levy D., Chen S., Zic J. and Yan B. (2007). A PERFORMANCE MODELLING OF WEB SERVICES SECURITY . In Proceedings of the Third International Conference on Web Information Systems and Technologies - Volume 1: WEBIST, ISBN 978-972-8865-77-1, pages 64-71. DOI: 10.5220/0001277600640071


in Bibtex Style

@conference{webist07,
author={Kezhe Tang and David Levy and Shiping Chen and John Zic and Bo Yan},
title={A PERFORMANCE MODELLING OF WEB SERVICES SECURITY},
booktitle={Proceedings of the Third International Conference on Web Information Systems and Technologies - Volume 1: WEBIST,},
year={2007},
pages={64-71},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0001277600640071},
isbn={978-972-8865-77-1},
}


in EndNote Style

TY - CONF
JO - Proceedings of the Third International Conference on Web Information Systems and Technologies - Volume 1: WEBIST,
TI - A PERFORMANCE MODELLING OF WEB SERVICES SECURITY
SN - 978-972-8865-77-1
AU - Tang K.
AU - Levy D.
AU - Chen S.
AU - Zic J.
AU - Yan B.
PY - 2007
SP - 64
EP - 71
DO - 10.5220/0001277600640071