Web服务安全性能优化的概述与评估

2008 IEEE International Conference on Web Services Pub Date : 2008-09-23 DOI:10.1109/ICWS.2008.102

Robert A. van Engelen, Wei Zhang

{"title":"Web服务安全性能优化的概述与评估","authors":"Robert A. van Engelen, Wei Zhang","doi":"10.1109/ICWS.2008.102","DOIUrl":null,"url":null,"abstract":"WS-Security is an essential component of the Web services protocol stack. WS-Security provides end-to-end security properties (integrity, confidentiality, and authentication) through open XML standards. End-to-end message security assures the participation of non-secure transport intermediaries in message exchanges, which is a key advantage for Web-based systems and service-oriented architectures. However, point-to-point message security based on TLS (transport layer security) is known to significantly outperform WS-Security. In this paper we analyze the overhead of the WS-Security protocol processing stages and evaluate existing and new techniques for WS-Security signature performance optimizations to speed up end-to-end message integrity assurance and authentication.","PeriodicalId":275591,"journal":{"name":"2008 IEEE International Conference on Web Services","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2008-09-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"36","resultStr":"{\"title\":\"An Overview and Evaluation of Web Services Security Performance Optimizations\",\"authors\":\"Robert A. van Engelen, Wei Zhang\",\"doi\":\"10.1109/ICWS.2008.102\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"WS-Security is an essential component of the Web services protocol stack. WS-Security provides end-to-end security properties (integrity, confidentiality, and authentication) through open XML standards. End-to-end message security assures the participation of non-secure transport intermediaries in message exchanges, which is a key advantage for Web-based systems and service-oriented architectures. However, point-to-point message security based on TLS (transport layer security) is known to significantly outperform WS-Security. In this paper we analyze the overhead of the WS-Security protocol processing stages and evaluate existing and new techniques for WS-Security signature performance optimizations to speed up end-to-end message integrity assurance and authentication.\",\"PeriodicalId\":275591,\"journal\":{\"name\":\"2008 IEEE International Conference on Web Services\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2008-09-23\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"36\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2008 IEEE International Conference on Web Services\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICWS.2008.102\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2008 IEEE International Conference on Web Services","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICWS.2008.102","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 36

摘要

WS-Security是Web服务协议栈的基本组件。WS-Security通过开放的XML标准提供端到端的安全属性(完整性、机密性和身份验证)。端到端消息安全性确保非安全传输中介参与消息交换，这是基于web的系统和面向服务的体系结构的关键优势。然而，基于TLS(传输层安全性)的点对点消息安全性明显优于WS-Security。在本文中，我们分析了WS-Security协议处理阶段的开销，评估了现有的和新的WS-Security签名性能优化技术，以加快端到端的消息完整性保证和身份验证。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

An Overview and Evaluation of Web Services Security Performance Optimizations

WS-Security is an essential component of the Web services protocol stack. WS-Security provides end-to-end security properties (integrity, confidentiality, and authentication) through open XML standards. End-to-end message security assures the participation of non-secure transport intermediaries in message exchanges, which is a key advantage for Web-based systems and service-oriented architectures. However, point-to-point message security based on TLS (transport layer security) is known to significantly outperform WS-Security. In this paper we analyze the overhead of the WS-Security protocol processing stages and evaluate existing and new techniques for WS-Security signature performance optimizations to speed up end-to-end message integrity assurance and authentication.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2008 IEEE International Conference on Web Services

自引率

0.00%

发文量

期刊最新文献

Redundant-Free Web Services Composition Based on a Two-Phase Algorithm Hybrid Parallelism for XML SAX Parsing Discovering Reference Process Models by Mining Process Variants Transparent Reputation Management for Composite Web Services SCWIM an Integrity Model for SOA Networks