Abstract
The implementation of web service security standards provides end-to-end security attaching signature and encryption headers to SOAP messages, but it outcomes with message overhead, as well as requires complex cryptographic operations for each message or some parts of it. This leads to extra CPU time and memory for processing information related to WS-Security, as well as elapsed time for parsing the increased XML message. This paper describes a series of experiments focused on understanding the performance impact of different security-level mechanisms based on WS-Security. We create a baseline of performance data that can be used to explore if the parameter “message size” or “number of concurrent messages” impacts more to the server performance for different message types with or without different WS-security mechanisms implemented on web service hosted on web server on Linux platform. Also, we analyze the correlation between these two parameters.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Juric, M.B., Rozman, I., Brumen, B., Colnaric, M., Hericko, M.: Comparison of performance of Web services, WS-Security, RMI, and RMI–SSL. Journal of Systems and Software - Special issue: Quality software 79(5), 689–700 (2006)
Novakouski, M., Simanta, S., Peterson, G., Morris, E., Lewis, G.: Performance Analysis of WS-Security Mechanisms in SOAP-Based Web Services. Technical Report CMU/SEI-2010-TR-023, USA (2010)
Moralis, A., Pouli, V., Grammatikou, M., Papavassiliou, S., Maglaris, V.: Performance Comparison of Web Services Security: Kerberos Token Profile Against X.509 Token Profile. IEEE Computer Society, Washington, DC, USA (2007)
Van Engelen, R.A., Zhang, W.: An Overview and Evaluation of Web Services Security Performance Optimizations. IEEE Computer Society, Washington, DC, USA (2008)
Shopov, M., Kakanakov, N.: Evaluation of a single WS-Security implementation. In: Proceedings of the International Conference for Automatics and Informatics 2007, Sofia, Bulgaria, pp. VI-39–VI-42 (2007)
Rodrigues, D., Estrella, J., Branco, K.: Analysis of Security and Performance Aspects in Service-Oriented Architectures. International Journal of Security and Its Applications 5(1), 13–30 (2011)
Engelen, R., Zhang, W.: Identifying Opportunities for Web Services Security Performance Optimizations. In: IEEE Congress on Services - SERVICES, pp. 209–210 (2008)
Liu, H., Pallickara, S., Fox, G.: Performance of Web Services Security. In: Proceedings of the 13th Annual Mardi Gras Conference, Los Angeles, pp. 72–78 (2005)
Eastlake, D., Reagle, Solo, J.D. (eds.) XML-Signature Syntax and Processing W3C Recommendation (2002), http://www.w3.org/TR/xmldsig-core/
Eastlake, D., Reagle, J. (eds.) XML Encryption Syntax and Processing. W3C Recommendation (2002), http://www.w3.org/TR/xmlenc-core/
Nadalin, A., Kaler, C., Hallam-Baker, P., Monzillo, R. (eds.): Web Services Security: SOAP Message Security 1.1 (WS-Security, 2006), (OASIS Standard) (March 2004), http://docs.oasis-open.org/wss/v1.1/wss-v1.1-spec-os-SOAPMessageSecurity.pdf
Security in a Web Services World: A Proposed Architecture and Roadmap A joint security white paper from IBM Corporation and Microsoft Corporation, Version 1.0 (2002), http://download.boulder.ibm.com/ibmdl/pub/software/dw/library/ws-secmap.pdf
Jetty Web server and javax.servlet container, http://www.eclipse.org/jetty/
VMware ESX, http://www.vmware.com/products/vsphere/esxi-and-esx/index.html
SOAPUI testing tool, http://www.soapui.org/
Ristov, S., Tentov, A.: Security Based Performance Issues in Agent-based Web Services Integrating Legacy Information Systems. In: Proceedings of the WASA 2011. CEUR Workshop Proceedings, vol. 752, pp. 45–51 (2011) ISSN 1613-0073
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag GmbH Berlin Heidelberg
About this paper
Cite this paper
Sasko, Tentov, A. (2012). Performance Impact Correlation of Message Size vs. Concurrent Users Implementing Web Service Security on Linux Platform. In: Kocarev, L. (eds) ICT Innovations 2011. ICT Innovations 2011. Advances in Intelligent and Soft Computing, vol 150. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-28664-3_34
Download citation
DOI: https://doi.org/10.1007/978-3-642-28664-3_34
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-28663-6
Online ISBN: 978-3-642-28664-3
eBook Packages: EngineeringEngineering (R0)